CVE-2011-2777

描述

samples/powerbtn/powerbtn.sh in acpid (aka acpid2) 2.0.16 and earlier uses the pidof program incorrectly, which allows local users to gain privileges by running a program with the name kded4 and a DBUS_SESSION_BUS_ADDRESS environment variable containing commands.

受影響套件(1)

• Debian/acpidfrom 0, < 1:2.0.14-1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-2777