1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
PublicDate: 2008-04-11
Candidate: CVE-2008-1658
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1658
Description:
Format string vulnerability in the grant helper (polkit-grant-helper.c) in
PolicyKit 0.7 and earlier allows attackers to cause a denial of service
(crash) and possibly execute arbitrary code via format strings in a
password.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to: keescook
Patches_policykit:
upstream: http://gitweb.freedesktop.org/?p=PolicyKit.git;a=commitdiff;h=5bc86a14cc0e356bcf8b5f861674f842869b1be7
upstream_policykit: pending (0.8)
dapper_policykit: DNE
edgy_policykit: DNE
feisty_policykit: DNE
gutsy_policykit: DNE
devel_policykit: released (0.7-2ubuntu6)
|