Is FreePBX distro vulnerable to PolKit?

johnjces · February 1, 2022, 6:58pm

Just checking?

jcolp · February 1, 2022, 7:14pm

This was brought up previously at Polkit bug for Linux distros

jfinstrom · February 1, 2022, 7:17pm

# chmod 0755 /usr/bin/pkexec

[root@freepbx ~]# git clone [email protected]:jfrog/polkit-tools.git
[root@freepbx ~]# cd polkit-tools/
[root@freepbx polkit-tools]# cd pwnkit_detector/
[root@freepbx pwnkit_detector]# make
cc -Wall -fPIC -o pwnkit_detector pwnkit_detector.c
[root@freepbx pwnkit_detector]# ./test_pwnkit.sh
VULNERABLE

I have not run yum update which has the updated package

After yum update

[root@freepbx pwnkit_detector]# ./test_pwnkit.sh
NOT VULNERABLE - "pkexec" is patched

johnjces · February 1, 2022, 7:30pm

My apologies to all!

I was surely behind the times and just my knee jerk reaction without a forum search.

Thanks! I had already changed my permissions but will update soon.

John

system · February 8, 2022, 7:30pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.