Lucene search
Gentoo FoundationGLSA-201812-10HistoryDec 30, 2018 - 12:00 a.m.
GKSu: Arbitrary command execution
2018-12-3000:00:00
Gentoo Foundation
security.gentoo.org
23
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.9
Confidence
Low
EPSS
0.006
Percentile
78.0%
Background
A library that provides a Gtk+ frontend to su and sudo.
Description
A vulnerability was discovered in GKSu’s gksu-run-helper.
Impact
An attacker could execute arbitrary commands.
Workaround
There is no known workaround at this time.
Resolution
Gentoo has discontinued support for GKSu and recommends that users unmerge the package:
# emerge --unmerge "x11-libs/gksu"
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Gentoo | any | all | x11-libs/gksu | <= 2.0.2 | UNKNOWN |
Related
prion
prion
Design/Logic Flaw
2014-09-18 10:55:00
Design/Logic Flaw
2014-08-15 11:15:00
cve
cve
CVE-2014-2886
2014-09-18 10:55:08
CVE-2014-2943
2014-08-15 11:15:43
nessus
nessus
GLSA-201812-10 : GKSu: Arbitrary command execution
2018-12-31 00:00:00
cvelist
cvelist
CVE-2014-2886
2014-09-18 10:00:00
ubuntucve
ubuntucve
CVE-2014-2886
2014-09-18 00:00:00
debiancve
debiancve
CVE-2014-2886
2014-09-18 10:55:00
nvd
nvd
CVE-2014-2886
2014-09-18 10:55:08
CVE-2014-2943
2014-08-15 11:15:43
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.9
Confidence
Low
EPSS
0.006
Percentile
78.0%
Related for GLSA-201812-10