Vulnerability   
Search   
    Search 191973 CVE descriptions
and 86218 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.702777
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 2777-1 (systemd - several vulnerabilities)
Summary:Multiple security issues in systemd have been discovered by Sebastian;Krahmer and Florian Weimer: Insecure interaction with DBUS could lead;to the bypass of Policykit restrictions and privilege escalation or;denial of service through an integer overflow in journald and missing;input sanitising in the processing of X keyboard extension (XKB) files.
Description:Summary:
Multiple security issues in systemd have been discovered by Sebastian
Krahmer and Florian Weimer: Insecure interaction with DBUS could lead
to the bypass of Policykit restrictions and privilege escalation or
denial of service through an integer overflow in journald and missing
input sanitising in the processing of X keyboard extension (XKB) files.

Affected Software/OS:
systemd on Debian Linux

Solution:
For the stable distribution (wheezy), these problems have been fixed in
version 44-11+deb7u4.

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your systemd packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-4391
Debian Security Information: DSA-2777 (Google Search)
http://www.debian.org/security/2013/dsa-2777
https://security.gentoo.org/glsa/201612-34
http://www.openwall.com/lists/oss-security/2013/10/01/9
Common Vulnerability Exposure (CVE) ID: CVE-2013-4394
Common Vulnerability Exposure (CVE) ID: CVE-2013-4327
https://bugzilla.redhat.com/show_bug.cgi?id=1006680
http://www.openwall.com/lists/oss-security/2013/09/18/6
http://www.ubuntu.com/usn/USN-1961-1
CopyrightCopyright (C) 2013 Greenbone Networks GmbH http://greenbone.net

This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2020 E-Soft Inc. All rights reserved.