Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1658

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2008-1658
Last Modified 07 Mar 2011 10:07:25
Published 11 Apr 2008 06:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-1658

Summary

Format string vulnerability in the grant helper (polkit-grant-helper.c) in PolicyKit 0.7 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in a password.

Vulnerable Systems

Application

  • Freedesktop Policykit 0.6

  • Freedesktop Policykit 0.7


References

BID - 28702

FEDORA - FEDORA-2008-2987

CONFIRM - https://bugs.launchpad.net/ubuntu/+source/policykit/+bug/205037

XF - policykit-granthelper-format-string(41877)

VUPEN - ADV-2008-1254

MANDRIVA - MDVSA-2008:087

SECUNIA - 29755

CONFIRM - http://gitweb.freedesktop.org/?p=PolicyKit.git;a=commitdiff;h=5bc86a14cc0e356bcf8b5f861674f842869b1be7

CONFIRM - http://bugs.freedesktop.org/show_bug.cgi?id=15295


Last Updated: 27 May 2016 10:47:37