CVE-2018-1106 – PackageKit: authentication bypass allows to install signed packages without administrator privileges
https://notcve.org/view.php?id=CVE-2018-1106
An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system. Se ha encontrado un fallo de omisión de autenticación en PackageKit, en versiones anteriores a la 1.1.10, que permite que usuarios con privilegios de administrador instalen paquetes firmados. Un atacante local puede emplear esta vulnerabilidad para instalar paquetes vulnerables para comprometer aún más un sistema. An authentication bypass flaw has been found in PackageKit that allows users without administrator privileges to install signed packages. • http://www.openwall.com/lists/oss-security/2018/04/23/3 https://access.redhat.com/errata/RHSA-2018:1224 https://bugzilla.redhat.com/show_bug.cgi?id=1565992 https://usn.ubuntu.com/3634-1 https://www.debian.org/security/2018/dsa-4207 https://access.redhat.com/security/cve/CVE-2018-1106 • CWE-287: Improper Authentication •
CVE-2013-1764
https://notcve.org/view.php?id=CVE-2013-1764
The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method. El backend Zypper (también conocido como zypp) en PackageKit anterior a 0.8.8 permite a usuarios locales degradar paquetes a través del método "instalar actualizaciones". • http://lists.opensuse.org/opensuse-updates/2013-06/msg00026.html http://www.openwall.com/lists/oss-security/2013/02/25/20 https://bugs.freedesktop.org/show_bug.cgi?id=61231 https://bugzilla.novell.com/show_bug.cgi?id=804983 https://gitorious.org/packagekit/packagekit/commit/d3d14631042237bcfe6fb30a60e59bb6d94af425 https://gitorious.org/packagekit/packagekit/source/NEWS • CWE-264: Permissions, Privileges, and Access Controls •