Ubuntu Update For Policykit-1 USN-1117-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1117-1

Solution

Please Install the Updated Packages.

Insight

Neel Mehta discovered that PolicyKit did not correctly verify the user making authorization requests. A local attacker could exploit this to trick pkexec into running applications with root privileges.

Affected

policykit-1 on Ubuntu 10.10 , Ubuntu 10.04 LTS , Ubuntu 9.10

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-April/001311.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-1485

CVSS	Base Score: 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Ubuntu Update for apache2 USN-2152-1
Ubuntu Update for cinder USN-1731-1
Ubuntu Update for cups USN-2341-1
Ubuntu Update for clamav USN-1482-2
Ubuntu Update for apache2 USN-1765-1

Ubuntu Update for policykit-1 USN-1117-1

Take action and discover your vulnerabilities