USBCreator D-Bus
Last updated
Last updated
A vulnerability in the USBCreator D-Bus interface allows an attacker with access to a user in the sudoer group to bypass the password security policy imposed by the sudo program. The vulnerability allows an attacker to overwrite arbitrary files with arbitrary content, as root - without supplying a password.
If a running process uses com.ubuntu.USBCreator
and the process is privileged one can move onto the explitation phase.
This particular example is for adding the attacker's SSH
key to the authorised keys, so that they can login without a password.