5.9

CVE-2013-4394

The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileges via vectors involving "special and control characters."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Systemd ProjectSystemd Version < 194
DebianDebian Linux Version7.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.34% 0.252
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.9 1.9 9.5
AV:L/AC:H/Au:N/C:C/I:C/A:P
CWE-276 Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

http://www.debian.org/security/2013/dsa-2777
Third Party Advisory
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357
Third Party Advisory
Issue Tracking
http://www.openwall.com/lists/oss-security/2013/10/01/9
Third Party Advisory
Mailing List
https://security.gentoo.org/glsa/201612-34
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=862324
Patch
Third Party Advisory
Issue Tracking