Computer Security

language-selector privilege escalation
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



language-selector privilege escalation
Published:21.04.2011
Source:BUGTRAQ
SecurityVulns ID:11618
Type:local
Level:6/10
Description:Privilege escalation via D-Bus messages.
Affected:LANGUAGESELECTOR : language-selector 0.6
CVE:CVE-2011-0729 (dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector before 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/default/locale and /etc/environment files via a (1) SetSystemDefaultLangEnv or (2) SetSystemDefaultLanguageEnv call.)
Original documentdocumentUBUNTU, [USN-1115-1] language-selector vulnerability (21.04.2011)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru