CVE-2014-5033: CVE-2014-5033

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2014-5033

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, related to CVE-2013-4288 and "PID reuse race conditions."

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Red Hat PolicyKit和kauth 权限许可和访问控制漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

KDE KDELibs和kauth都是KDE社区的产品。KDELibs是一个创建在Qt框架之上用于开发KDE软件的KDE API参考库；kauth是一个跨平台的认证API。 KDE kdelibs 4.14之前版本和kauth 5.1版本中存在安全漏洞，该漏洞源于程序以不安全的方式使用polkit。本地攻击者可通过PolkitUnixProcess PolkitSubject竞争条件利用该漏洞绕过既定的访问限制。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2014-5033

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2014-5033

Please Login to view more intelligence information

http://www.kde.org/info/security/advisory-20140730-1.txtx_refsource_CONFIRM
http://quickgit.kde.org/?p=kauth.git&a=commit&h=341b7d84b6d9c03cf56905cb277b47e11c81482ax_refsource_CONFIRM
http://quickgit.kde.org/?p=kdelibs.git&a=commitdiff&h=e4e7b53b71e2659adaf52691d4accc3594203b23x_refsource_CONFIRM
http://secunia.com/advisories/60633third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/60385third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/60654third-party-advisoryx_refsource_SECUNIA
http://www.debian.org/security/2014/dsa-3004vendor-advisoryx_refsource_DEBIAN
http://www.ubuntu.com/usn/USN-2304-1vendor-advisoryx_refsource_UBUNTU
http://rhn.redhat.com/errata/RHSA-2014-1359.htmlvendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-updates/2014-08/msg00012.htmlvendor-advisoryx_refsource_SUSE
https://nvd.nist.gov/vuln/detail/CVE-2014-5033

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2014-5033

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2014-5033

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2014-5033

III. Intelligence Information for CVE-2014-5033

IV. Related Vulnerabilities

V. Comments for CVE-2014-5033

Leave a comment