Computer Security
[EN] securityvulns.ru no-pyccku


language-selector privilege escalation
Published:21.04.2011
Source:
SecurityVulns ID:11618
Type:local
Threat Level:
6/10
Description:Privilege escalation via D-Bus messages.
Affected:LANGUAGESELECTOR : language-selector 0.6
CVE:CVE-2011-0729 (dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector before 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/default/locale and /etc/environment files via a (1) SetSystemDefaultLangEnv or (2) SetSystemDefaultLanguageEnv call.)
Original documentdocumentUBUNTU, [USN-1115-1] language-selector vulnerability (21.04.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod