Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2011-1485 PoC — Red Hat PolicyKit pkexec功能和polkitd守护进程竞争条件漏洞

Source
https://github.com/Pashkela/CVE-2011-1485
Associated Vulnerability
Title:Red Hat PolicyKit pkexec功能和polkitd守护进程竞争条件漏洞 (CVE-2011-1485)
Description:Red Hat PolicyKit(又名Polkit)是美国红帽(Red Hat)公司的一个用于在Unix兼容系统中对应用程序进行权限控制的工具。该工具为现代桌面提供了一个中央框架用于授权一般应用程序进行特权工作。 PolicyKit 0.96版本中的pkexec功能和polkitd守护进程中存在竞争条件漏洞。该漏洞是由于当确定父进程权限时,产生的竞争条件导致的,本地用户可以通过执行pkexec中的setuid程序,获取特权。
Description
CVE-2011-1485 - Published: 2011-04-01 - PolicyKit:
Readme
CVE-2011-1485
=============

CVE-2011-1485 - Published: 2011-04-01 - PolicyKit:
File Snapshot

 [4.0K]  /data/pocs/6da836ca3e733b9a9400e7f2bbe6c1a5815cac9c
├── [  80]  README.md
└── [1.0K]  run.sh

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.