Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu,  6 Nov 2014 20:05:31 -0500 (EST)
From: cve-assign@...re.org
To: davidedmundson@....org
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: Privilege Escalation via KDE Clock KCM polkit helper

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> a security issue in KDE which under Ubuntu and some other distros
> allows a program to run arbitrary processes as root from an admin user
> without any prompts.
> 
> kde-workspace < 4.14.3
> 
> KDE workspace configuration module for setting the date and time has a
> helper program which runs as root for performing actions. This is
> secured with polkit.
> 
> This helper takes the name of the ntp utility to run as an argument.
> This allows a hacker to run any arbitrary command as root under the
> guise of updating the time.
> 
> https://git.reviewboard.kde.org/r/120977/

> Do not pass ntpUtility as an argument to datetime helper
>  
> Passing the name of a binary to run to a polkit helper is a security
> risk as it allows any arbitrary process to be executed.

Use CVE-2014-8651.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJUXBpEAAoJEKllVAevmvms8tkH/24xRCKqs7+chaachMPh198W
5kPxM6u/LnF8kT+9iSxO5BcotC9EtpcqR7INhP8+aE3UC/6sTyMqY0UQ0+Dq1sSF
0qcD9MV/70cxi/ty01hqWKLTn8rzdRmm88g+tgbDKCbjH48BpQRmMdNLJhL9InhJ
FR7KHqEr7KYMTq0l9eNcLNNbkq8yt8QeaSz2O4dqsnnn9yjFAUR0n+jAN9toDyTr
gi4pMYQUIuViQMamtwZuo8WXZf/badIEkC1QESDbkjKqPttC4/qJL2F4HY6usdZa
PiL7PmS8zrI5wpGg+UQhgf6Svkgbu5PDPwwvLADx1/CYXe1neOnxjhjj9vwkZQ8=
=edpr
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ