CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 4CVE-2011-1485 – Linux PolicyKit - Race Condition Privilege Escalation
https://notcve.org/view.php?id=CVE-2011-1485
Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID. Condición de carrera en la utilidad pkexec y el demonio polkitd de PolicyKit (polkit) 0.96. Permite a usuarios locales escalar privilegios ejecutando un programa setuid desde pkexec. Relacionado con el uso del ID de usuario efectivo en vez del real. A race condition flaw was found in the PolicyKit pkexec utility and polkitd daemon. • https://www.exploit-db.com/exploits/35021 https://www.exploit-db.com/exploits/17942 https://www.exploit-db.com/exploits/17932 https://github.com/Pashkela/CVE-2011-1485 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058752.html http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059859.html http://secunia.com/advisories/48817 http://security.gentoo.org/glsa/glsa-201204-06.xml http://securityreason.com/securityalert/8424 http://www.debian.org/sec • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 3CVE-2010-0750
https://notcve.org/view.php?id=CVE-2010-0750
pkexec.c in pkexec in libpolkit in PolicyKit 0.96 allows local users to determine the existence of arbitrary files via the argument. pkexec.c en pkexec en libpolkit en PolicyKit v0.96 permite a usuarios locales determinar la existencia de ficheros de forma arbitraria a través del argumento. • http://bugs.freedesktop.org/show_bug.cgi?id=26982 http://cgit.freedesktop.org/PolicyKit/commit/?id=14bdfd816512a82b1ad258fa143ae5faa945df8a http://marc.info/?l=oss-security&m=127014095301235&w=2 http://marc.info/?l=oss-security&m=127014999113790&w=2 http://secunia.com/advisories/39149 http://secunia.com/advisories/48817 http://security.gentoo.org/glsa/glsa-201204-06.xml https://exchange.xforce.ibmcloud.com/vulnerabilities/57543 https://launchpad.net/bugs/532852 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •