STEP BY STEP PROCEDURE TO FIX THE PLOKIT VULNERABILITY (CVE-2021-3560)

THESECMASTER

Another vulnerability found on the Polkit system could enable a local user to gain root privileges by bypassing authentication. It is very much required to test and fix the Plokit vulnerability (CVE-2021-3560). We tell try covering most of the information about this vulnerability, affected versions, affected OS platforms, and the fix. Let’s get started.

* What Is Polkit?
* About The Local Privilege Escalation Plokit Vulnerability (CVE-2021-3560):
  * Summary of CVE-2021-3560:
* Affected Polkit Versions To The Local Privilege Escalation Vulnerability (CVE-2021-3560):
* How To Test The Privilege Escalation Plokit Vulnerability (CVE-2021-3560) On The Host?
* How To Fix The Local Privilege Escalation Plokit vulnerability (CVE-2021-3560) On The Host?

Table of Contents :

1. Install accountsservice & gnome-control-center packages if you are using non GUI mode
2. Disable authentication dialog
3. Find out the time required to process a request
4. Initiate the dbus-send and kill the process at the middle of execution
5. Run the command written in the step 4 for several times until you succeed
6. Generate the hash of the password using openssl tool
7. Use the same method to set the password to the user boris
8. Run the command written in the step 7 for several times until you succeed
9. Become a root using su command

How to test the privilege escalation Plokit vulnerability?

Tumblr

Telegram

Medium

Twitter

LinkedIn

Facebook

FOLLOW US:

THESECMASTER