Gentoo Linux Security Advisory 201310-20 - A vulnerability in acpid2 may allow a local attacker to gain escalated privileges. Versions less than 2.0.17 are affected.
d5986df22459ab18b7584a7774af17d7Mandriva Linux Security Advisory 2012-137 - Oliver-Tobias Ripka discovered that an ACPI script incorrectly handled power button events. A local attacker could use this to execute arbitrary code, and possibly escalate privileges. Helmut Grohne and Michael Biebl discovered that ACPI scripts were executed with a permissive file mode creation mask. A local attacker could read files and modify directories created by ACPI scripts that did not set a strict umask. The updated packages have been patched to correct these issues.
8bc011636a8c83436319e265b2287d5fDebian Linux Security Advisory 2362-1 - Multiple vulnerabilities were found in the acpid, the Advanced Configuration and Power Interface event daemon.
44896c5053b2e34b85763dac848c4443Local proof of concept exploit that demonstrates a privilege boundary crossing vulnerability in acpid. Written to work on Ubuntu 11.10 and 11.04.
205d4ba29c892acdd7cdca5bba40eabeUbuntu Security Notice 1296-1 - Oliver-Tobias Ripka discovered that an ACPI script incorrectly handled power button events. A local attacker could use this to execute arbitrary code, and possibly escalate privileges. Helmut Grohne and Michael Biebl discovered that ACPI scripts were executed with a permissive file mode creation mask (umask). A local attacker could read files and modify directories created by ACPI scripts that did not set a strict umask. Various other issues were also addressed.
9ba984edb30803a1c19c4bed3fbbcac7
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed