Executive Summary

Informations
NameCVE-2018-19788First vendor Publication2018-12-03
VendorCveLast vendor Modification2019-02-05

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:C/I:C/A:C)
Cvss Base Score9Attack RangeNetwork
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score8AuthenticationRequires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19788

CWE : Common Weakness Enumeration

%idName
100 %CWE-20Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1
Os5
Os2

Nessus® Vulnerability Scanner

DateDescription
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-4ac3c68ee4.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-2f8696869e.nasl - Type : ACT_GATHER_INFO
2018-12-07Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4350.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
DEBIAN https://www.debian.org/security/2018/dsa-4350
MISC https://bugs.debian.org/915332
https://gitlab.freedesktop.org/polkit/polkit/issues/74
MLIST https://lists.debian.org/debian-lts-announce/2019/01/msg00021.html
UBUNTU https://usn.ubuntu.com/3861-1/
https://usn.ubuntu.com/3861-2/

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
DateInformations
2019-02-05 21:19:35
  • Multiple Updates
2019-01-29 17:19:12
  • Multiple Updates
2019-01-17 17:18:55
  • Multiple Updates
2018-12-07 17:19:14
  • Multiple Updates
2018-12-03 12:02:09
  • First insertion