PolicyKit Local Privilege Escalation Vulnerability
BID:68771
Info
PolicyKit Local Privilege Escalation Vulnerability
| Bugtraq ID: | 68771 |
| Class: | Race Condition Error |
| CVE: |
CVE-2014-5033 |
| Remote: | No |
| Local: | Yes |
| Published: | Jul 21 2014 12:00AM |
| Updated: | Apr 13 2015 08:44PM |
| Credit: | Sebastian Krahmer |
| Vulnerable: |
Ubuntu Ubuntu Linux 12.04 LTS i386 Ubuntu Ubuntu Linux 12.04 LTS amd64 Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 |
| Not Vulnerable: | |
Discussion
PolicyKit Local Privilege Escalation Vulnerability
PolicyKit is prone to a local privilege-escalation vulnerability.
A local attacker may exploit this issue to execute arbitrary commands with root privileges.
PolicyKit is prone to a local privilege-escalation vulnerability.
A local attacker may exploit this issue to execute arbitrary commands with root privileges.
Exploit / POC
PolicyKit Local Privilege Escalation Vulnerability
An attacker can exploit this issue using standard commands.
An attacker can exploit this issue using standard commands.
Solution / Fix
PolicyKit Local Privilege Escalation Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
PolicyKit Local Privilege Escalation Vulnerability
References:
References:
- KDE Home Page (KDE)
- PolicyKit Homepage (freedesktop.org)