CVE-2013-4325

Related Files

Gentoo Linux Security Advisory 201406-27

Posted Jun 27, 2014

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201406-27 - A race condition in polkit could allow a local attacker to gain escalated privileges. Versions less than 3.14.1 are affected.

tags | advisory, local

systems | linux, gentoo

advisories | CVE-2013-4288, CVE-2013-4311, CVE-2013-4324, CVE-2013-4325, CVE-2013-4327

SHA-256 | e25d75df9ade95871973ee8eb13ecdc5976b44c82d22212c6566220987e42d0e

Download | Favorite | View

Debian Security Advisory 2829-1

Posted Dec 29, 2013

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2829-1 - Multiple vulnerabilities have been found in the HP Linux Printing and in PackageKit and the insecure hp-upgrade service has been disabled.

tags | advisory, vulnerability

systems | linux, debian

advisories | CVE-2013-0200, CVE-2013-4325, CVE-2013-6402, CVE-2013-6427

SHA-256 | 7f66cf46f3fd1529cdf09546ae8258fcde1c2abdabfa3412509c82a4b988c067

Download | Favorite | View

Slackware Security Advisory - hplip Updates

Posted Oct 21, 2013

Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New hplip packages are available for Slackware 13.1, 13.37, 14.0, and -current to fix security issues. Related CVE Numbers: CVE-2013-4325.

tags | advisory

systems | linux, slackware

advisories | CVE-2013-4325

SHA-256 | d51789595e74cd6d927413448faf207d8b136de73fc3d59e6680590ccc5769c8

Download | Favorite | View

Mandriva Linux Security Advisory 2013-243

Posted Sep 27, 2013

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-243 - A race condition was found in the way the PolicyKit pkcheck utility checked process authorization when the process was specified by its process ID via the --process option. A local user could use this flaw to bypass intended PolicyKit authorizations and escalate their privileges.

tags | advisory, local

systems | linux, mandriva

advisories | CVE-2013-4288, CVE-2013-4325, CVE-2013-4326, CVE-2013-4327

SHA-256 | 91ca06b6329364c75747c0f85a55c45bc6033f08b2e6bb7fa73577a3bf412762

Download | Favorite | View

Red Hat Security Advisory 2013-1274-01

Posted Sep 20, 2013

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1274-01 - The hplip packages contain the Hewlett-Packard Linux Imaging and Printing Project, which provides drivers for Hewlett-Packard printers and multi-function peripherals. HPLIP communicated with PolicyKit for authorization via a D-Bus API that is vulnerable to a race condition. This could lead to intended PolicyKit authorizations being bypassed. This update modifies HPLIP to communicate with PolicyKit via a different API that is not vulnerable to the race condition. All users of hplip are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.

tags | advisory

systems | linux, redhat

advisories | CVE-2013-4325

SHA-256 | 64b0ccd1dc6a95b6696b153ccbef3c292d4db5c72bfb5e09000f48a0e5d4777a

Download | Favorite | View

Ubuntu Security Notice USN-1956-1

Posted Sep 18, 2013

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1956-1 - It was discovered that HPLIP was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations.

tags | advisory, local

systems | linux, ubuntu

advisories | CVE-2013-4325

SHA-256 | 71e03f17753583dab5bfb5951604d6afb1f873179ad5a70e5586190649331a95

Download | Favorite | View