Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-4625

Опубликовано: 26 окт. 2015
Источник: debian

Описание

Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
policykit-1fixed0.113-1experimentalpackage
policykit-1fixed0.105-12package
policykit-1fixed0.105-15~deb8u1jessiepackage
policykit-1no-dsawheezypackage
policykit-1no-dsasqueezepackage

Примечания

  • http://lists.freedesktop.org/archives/polkit-devel/2015-May/000419.html

  • http://lists.freedesktop.org/archives/polkit-devel/2015-June/000425.html

  • https://bugs.freedesktop.org/show_bug.cgi?id=90837

  • https://bugs.freedesktop.org/show_bug.cgi?id=90832

  • https://www.openwall.com/lists/oss-security/2015/06/08/3

  • http://cgit.freedesktop.org/polkit/commit/?id=ea544ffc18405237ccd95d28d7f45afef49aca17

  • http://cgit.freedesktop.org/polkit/commit/?id=493aa5dc1d278ab9097110c1262f5229bbaf1766

  • http://cgit.freedesktop.org/polkit/commit/?id=fb5076b7c05d01a532d593a4079a29cf2d63a228

Связанные уязвимости

ubuntu логотип

CVE-2015-4625

ubuntu
больше 10 лет назад

Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value.

redhat логотип

CVE-2015-4625

redhat
больше 10 лет назад

Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value.

nvd логотип

CVE-2015-4625

nvd
больше 10 лет назад

Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value.

github логотип

GHSA-m24q-4952-3p5h

github
больше 3 лет назад

Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value.

fstec логотип

BDU:2015-11967

fstec
больше 10 лет назад

Уязвимость операционных систем Fedora и openSUSE, позволяющая нарушителю повысить свои привилегии