Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 569
Alerts This Week
Warning Icon 1 569

Ubuntu 10.10 USN-1115-1 Critical: Language-Selector Root Access Exploit

ubuntu
Calendar Grey April 19, 2011
Scroller Ubuntu
A vulnerability in the language-selector tool may allow local users to escalate their privileges to root on Ubuntu 10.10 installations due to a security oversight.
Local users could gain root access via the language-selector.

Summary

Local users could gain root access via the language-selector.

Software Description:

- language-selector: Language selector for Ubuntu Linux

Details:

Romain Perier discovered that the language-selector D-Bus backend did not

correctly check for Policy Kit authorizations. A local attacker could exploit

this to inject shell commands into the system-wide locale configuration file,

leading to root privilege escalation.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.10:
  language-selector-common        0.6.7

In general, a standard system update will make all the necessary changes.

References

CVE-2011-0729

Severity
critical
Lowest
Low
Medium
High
Critical

April 19, 2011

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.