CVE-2011-4945
Published: 1 October 2012
PolicyKit 0.103 sets the AdminIdentities to "wheel" by default, which allows local users in the wheel group to gain root privileges without authentication.
Notes
Author | Note |
---|---|
tyhicks | Change introduced in upstream PolicyKit version 0.103 The Debian package reverts the patch |
Priority
Status
Package | Release | Status |
---|---|---|
policykit Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Not vulnerable
(0.9-4ubuntu2)
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
upstream |
Not vulnerable
|
|
policykit-1 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Not vulnerable
|
|
maverick |
Not vulnerable
|
|
natty |
Not vulnerable
|
|
oneiric |
Not vulnerable
(0.102-1)
|
|
upstream |
Needs triage
|