Showing 1 - 4 of 4

CVE-2013-4327

Status Candidate

Overview

systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.

Related Files

Gentoo Linux Security Advisory 201406-27: Posted Jun 27, 2014; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201406-27 - A race condition in polkit could allow a local attacker to gain escalated privileges. Versions less than 3.14.1 are affected.; tags | advisory, local; systems | linux, gentoo; advisories | CVE-2013-4288, CVE-2013-4311, CVE-2013-4324, CVE-2013-4325, CVE-2013-4327; SHA-256 | e25d75df9ade95871973ee8eb13ecdc5976b44c82d22212c6566220987e42d0e; Download | Favorite | View

Debian Security Advisory 2777-1: Posted Oct 11, 2013; Authored by Debian | Site debian.org; Debian Linux Security Advisory 2777-1 - Multiple security issues in systemd have been discovered by Sebastian to the bypass of Policykit restrictions and privilege escalation or denial of service through an integer overflow in journald and missing input sanitising in the processing of X keyboard extension (XKB) files.; tags | advisory, denial of service, overflow; systems | linux, debian; advisories | CVE-2013-4327, CVE-2013-4391, CVE-2013-4394; SHA-256 | 317013ec0e6ce864ca057e95e8db59dc95c1c32f8d7632418eb29c25cb50f773; Download | Favorite | View

Mandriva Linux Security Advisory 2013-243: Posted Sep 27, 2013; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2013-243 - A race condition was found in the way the PolicyKit pkcheck utility checked process authorization when the process was specified by its process ID via the --process option. A local user could use this flaw to bypass intended PolicyKit authorizations and escalate their privileges.; tags | advisory, local; systems | linux, mandriva; advisories | CVE-2013-4288, CVE-2013-4325, CVE-2013-4326, CVE-2013-4327; SHA-256 | 91ca06b6329364c75747c0f85a55c45bc6033f08b2e6bb7fa73577a3bf412762; Download | Favorite | View

Ubuntu Security Notice USN-1961-1: Posted Sep 18, 2013; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 1961-1 - It was discovered that systemd was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations.; tags | advisory, local; systems | linux, ubuntu; advisories | CVE-2013-4327; SHA-256 | 8d3f12f496aefbcf0ee96e07388171506a6f132ca36d598b2ad413d8cf4b4c4e; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 239 files
Ubuntu 62 files
Debian 23 files
LiquidWorm 20 files
Apple 9 files
indoushka 5 files
Gentoo 5 files
Google Security Research 4 files
Chokri Hammedi 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,862)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,265)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,976)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2013-4327

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems