CVE-2010-0750

Name of the Vulnerable Software and Affected Versions PolicyKit versions prior to 0.104-r1 libpolkit version 0.96

Description The issue concerns multiple vulnerabilities in the polkit package of Gentoo Linux, which can be exploited locally to compromise the confidentiality, integrity, and availability of protected information. Specifically, in libpolkit version 0.96, the pkexec.c file in pkexec allows local users to determine the existence of arbitrary files via an argument.

Recommendations For versions prior to 0.104-r1, update to version 0.104-r1 or later to resolve the issue. For version 0.96, consider restricting access to the pkexec function until a patch is available.