Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.883013
Category:CentOS Local Security Checks
Title:CentOS Update for polkit CESA-2019:0420 centos6
Summary:The remote host is missing an update for the 'polkit'; package(s) announced via the CESA-2019:0420 advisory.
Description:Summary:
The remote host is missing an update for the 'polkit'
package(s) announced via the CESA-2019:0420 advisory.

Vulnerability Insight:
The polkit packages provide a component for controlling system-wide
privileges. This component provides a uniform and organized way for
non-privileged processes to communicate with privileged ones.

Security Fix(es):

* polkit: Temporary auth hijacking via PID reuse and non-atomic fork
(CVE-2019-6133)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Affected Software/OS:
polkit on CentOS 6.

Solution:
Please install the updated package(s).

CVSS Score:
4.4

CVSS Vector:
AV:L/AC:M/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2019-6133
BugTraq ID: 106537
http://www.securityfocus.com/bid/106537
https://bugs.chromium.org/p/project-zero/issues/detail?id=1692
https://git.kernel.org/linus/7b55851367136b1efd84d98fea81ba57a98304cf
https://gitlab.freedesktop.org/polkit/polkit/commit/c898fdf4b1aafaa04f8ada9d73d77c8bb76e2f81
https://gitlab.freedesktop.org/polkit/polkit/merge_requests/19
https://lists.debian.org/debian-lts-announce/2019/01/msg00021.html
https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html
https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html
RedHat Security Advisories: RHSA-2019:0230
https://access.redhat.com/errata/RHSA-2019:0230
RedHat Security Advisories: RHSA-2019:0420
https://access.redhat.com/errata/RHSA-2019:0420
RedHat Security Advisories: RHSA-2019:0832
https://access.redhat.com/errata/RHSA-2019:0832
RedHat Security Advisories: RHSA-2019:2699
https://access.redhat.com/errata/RHSA-2019:2699
RedHat Security Advisories: RHSA-2019:2978
https://access.redhat.com/errata/RHSA-2019:2978
SuSE Security Announcement: openSUSE-SU-2019:1914 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00049.html
https://usn.ubuntu.com/3901-1/
https://usn.ubuntu.com/3901-2/
https://usn.ubuntu.com/3903-1/
https://usn.ubuntu.com/3903-2/
https://usn.ubuntu.com/3908-1/
https://usn.ubuntu.com/3908-2/
https://usn.ubuntu.com/3910-1/
https://usn.ubuntu.com/3910-2/
https://usn.ubuntu.com/3934-1/
https://usn.ubuntu.com/3934-2/
CopyrightCopyright (C) 2019 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.