PT-2015-4012 · Midgard+1 · Midgard2+1

Simon Mcvittie

Publicado

2015-01-26

Atualizado

2024-06-15

CVE-2014-8148

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Midgard2 version 10.05.7.1

Description The default D-Bus access control rule in Midgard2 allows local users to send arbitrary method calls or signals to any process on the system bus and possibly execute arbitrary code with root privileges.

Recommendations For Midgard2 version 10.05.7.1, consider modifying the D-Bus access control rule to restrict local users from sending arbitrary method calls or signals to any process on the system bus. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2014-8148

OPENSUSE-SU-2024:10517-1

Produtos afetados

Midgard2

Suse

PT-2015-4012 · Midgard+1 · Midgard2+1

CVE-2014-8148

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 22