CVE-2013-4394

Sažetak

The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileges via vectors involving "special and control characters."

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=862324
http://www.openwall.com/lists/oss-security/2013/10/01/9
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357
http://www.debian.org/security/2013/dsa-2777
https://security.gentoo.org/glsa/201612-34

CVSS

Base:	5.9
Impact:	9.5
Exploitability:	1.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	PARTIAL

CVSS vektor

AV:L/AC:H/Au:N/C:C/I:C/A:P

Zadnje važnije ažuriranje

31-01-2022 - 17:50

Objavljeno

28-10-2013 - 22:55