Launchpad CVE tracker

CVE 2008-1658

Format string vulnerability in the grant helper (polkit-grant-helper.c) in PolicyKit 0.7 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in a password.

Related bugs and status

CVE-2008-1658 (Candidate) is related to these bugs:

Bug #205037: policykit or policykit-gnome do not work with passwords containing "%" character

		In	Importance	Status
205037	policykit or policykit-gnome do not work with passwords containing "%" character	policykit (Ubuntu)	High	Fix Released
205037	policykit or policykit-gnome do not work with passwords containing "%" character	PolicyKit	Critical	Fix Released
205037	policykit or policykit-gnome do not work with passwords containing "%" character	policykit (PLD Linux)	High	Fix Released

Bug #232227: Please merge policykit 0.8-1 (main) from Debian unstable (main)

Summary				In	Importance	Status
	232227	Please merge policykit 0.8-1 (main) from Debian unstable (main)		policykit (Ubuntu)	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2008-1658

References