Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-1838-1
HistoryJul 18, 2009 - 12:00 a.m.

pulseaudio - privilege escalation

2009-07-1800:00:00
Google
osv.dev
11

0.0004 Low

EPSS

Percentile

0.4%

JSON

Tavis Ormandy and Julien Tinnes discovered that the pulseaudio daemon
does not drop privileges before re-executing itself, enabling local
attackers to increase their privileges.

The old stable distribution (etch) is not affected by this issue.

For the stable distribution (lenny), this problem has been fixed in
version 0.9.10-3+lenny1.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your pulseaudio packages.

CPENameOperatorVersion
pulseaudioeq0.9.10-3

Related

openvas 10
nessus 4
nvd 2
ubuntu 1
ubuntucve 2
debian 1
gentoo 1
cve 2
debiancve 1
securityvulns 3
prion 2
cvelist 2
seebug 2
exploitpack 1
packetstorm 1
exploitdb 1
openvas
openvas
Mandrake Security Advisory MDVSA-2009:152 (pulseaudio)
2009-07-29 00:00:00
Mandrake Security Advisory MDVSA-2009:152 (pulseaudio)
2009-07-29 00:00:00
Debian Security Advisory DSA 1838-1 (pulseaudio)
2009-07-29 00:00:00
nessus
nessus
Debian DSA-1838-1 : pulseaudio - privilege escalation
2010-02-24 00:00:00
GLSA-200907-13 : PulseAudio: Local privilege escalation
2009-07-17 00:00:00
Ubuntu 8.04 LTS / 8.10 / 9.04 : pulseaudio vulnerability (USN-804-1)
2009-07-17 00:00:00
nvd
nvd
CVE-2009-1894
2009-07-17 16:30:00
CVE-2009-1897
2009-07-20 17:30:54
ubuntu
ubuntu
PulseAudio vulnerability
2009-07-16 00:00:00
ubuntucve
ubuntucve
CVE-2009-1894
2009-07-17 00:00:00
CVE-2009-1897
2009-07-20 00:00:00
debian
debian
[SECURITY] [DSA 1838-1] New pulseaudio packages fix privilege escalation
2009-07-18 12:18:19
gentoo
gentoo
PulseAudio: Local privilege escalation
2009-07-16 00:00:00
cve
cve
CVE-2009-1894
2009-07-17 16:30:00
CVE-2009-1897
2009-07-20 17:30:54
debiancve
debiancve
CVE-2009-1894
2009-07-17 16:30:00
securityvulns
securityvulns
PulseAudio race conditions
2009-07-18 00:00:00
PulseAudio local race condition privilege escalation vulnerability
2009-07-18 00:00:00
The GNU C library dynamic linker expands $ORIGIN in setuid library search path
2010-10-24 00:00:00
prion
prion
Race condition
2009-07-17 16:30:00
Null pointer dereference
2009-07-20 17:30:00
cvelist
cvelist
CVE-2009-1894
2009-07-17 16:00:00
CVE-2009-1897
2009-07-20 17:00:00
seebug
seebug
Linux Kernel tun_chr_pool()ε‡½ζ•°η©ΊζŒ‡ι’ˆεΌ•η”¨ζΌζ΄ž
2009-07-20 00:00:00
GNU C library dynamic linker $ORIGIN expansion Vulnerability
2014-07-01 00:00:00
exploitpack
exploitpack
GNU C library dynamic linker - $ORIGIN Expansion
2010-10-18 00:00:00
packetstorm
packetstorm
GNU C Library Dynamic Linker $ORIGIN Expansion Vulnerability
2010-10-19 00:00:00
exploitdb
exploitdb
GNU C library dynamic linker - '$ORIGIN' Expansion
2010-10-18 00:00:00

0.0004 Low

EPSS

Percentile

0.4%

JSON
Related for OSV:DSA-1838-1
openvas10nessus4nvd2ubuntu1ubuntucve2debian1gentoo1cve2debiancve1securityvulns3prion2cvelist2seebug2exploitpack1packetstorm1exploitdb1