Описание
A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.
Ссылки
- Issue TrackingMailing ListThird Party Advisory
- ExploitPatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Issue TrackingMailing ListThird Party Advisory
- ExploitPatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:polkit_project:polkit:0.115:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Конфигурация 3
Одно из
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.59639
Средний
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 8.8
ubuntu
около 7 лет назад
A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.
CVSS3: 7
redhat
около 7 лет назад
A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.
CVSS3: 8.8
debian
около 7 лет назад
A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user wi ...
EPSS
Процентиль: 98%
0.59639
Средний
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-20