Alerts This Week
Warning Icon 1 666
Alerts This Week
Warning Icon 1 666

Ubuntu 10.10 USN-1115-1 Critical: Language-Selector Root Access Exploit

Calendar Apr 19, 2011 User Avatar LinuxSecurity Advisories
1 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory critical privilege escalation root access ubuntu language-selector
Local users could gain root access via the language-selector. 
=========================================================================Ubuntu Security Notice USN-1115-1
April 19, 2011

language-selector vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 10.10

Summary:

Local users could gain root access via the language-selector.

Software Description:
- language-selector: Language selector for Ubuntu Linux

Details:

Romain Perier discovered that the language-selector D-Bus backend did not
correctly check for Policy Kit authorizations. A local attacker could exploit
this to inject shell commands into the system-wide locale configuration file,
leading to root privilege escalation.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.10:
  language-selector-common        0.6.7

In general, a standard system update will make all the necessary changes.

References:
  CVE-2011-0729

Package Information:
  https://launchpad.net/ubuntu/+source/language-selector/0.6.7

Ubuntu 10.10 USN-1115-1 Critical: Language-Selector Root Access Exploit

ubuntu
Calendar Grey April 19, 2011
Dist Ubuntu Esm H88
A vulnerability in the language-selector tool may allow local users to escalate their privileges to root on Ubuntu 10.10 installations due to a security oversight.
Local users could gain root access via the language-selector.

Summary

Topics%20covered

Topics Covered

security advisory critical privilege escalation root access ubuntu language-selector

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 10.10: language-selector-common 0.6.7 In general, a standard system update will make all the necessary changes.

References

CVE-2011-0729

Severity
critical
Lowest
Low
Medium
High
Critical

April 19, 2011

Topics%20covered

Topics Covered

security advisory critical privilege escalation root access ubuntu language-selector

Package Information

https://launchpad.net/ubuntu/+source/language-selector/0.6.7

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here