ktsuss: Privilege escalation
1.
Gentoo Linux Security Advisory
Version Information
| Advisory Reference |
GLSA 201201-15 / ktsuss |
| Release Date |
January 27, 2012 |
| Latest Revision |
January 27, 2012: 1 |
| Impact |
high |
| Exploitable |
local |
| Package |
Vulnerable versions |
Unaffected versions |
Architecture(s) |
| x11-misc/ktsuss |
<=
1.4 |
|
All supported architectures
|
Related bugreports:
#381115
Synopsis
Two vulnerabilities have been found in ktsuss, allowing local
attackers to gain escalated privileges.
2.
Impact Information
Background
ktsuss is a simple, graphical version of su written in C and GTK+.
Description
Two vulnerabilities have been found in ktuss:
- Under specific circumstances, ktsuss skips authentication and fails
to change the effective UID back to the real UID (CVE-2011-2921).
- The GTK interface spawned by the ktsuss binary is run as root
(CVE-2011-2922).
Impact
A local attacker could gain escalated privileges and use the
"GTK_MODULES" environment variable to possibly execute arbitrary code
with root privileges.
3.
Resolution Information
Workaround
There is no known workaround at this time.
Resolution
Gentoo discontinued support for ktsuss. We recommend that users unmerge
ktsuss:
Code Listing 3.1: Resolution |
# emerge --unmerge "x11-misc/ktsuss"
|
4.
References
|
