Your submission was sent successfully! Close

USN-1351-1: AccountsService vulnerability

31 January 2012

AccountsService could be made to overwrite files as the administrator.

Releases

Packages

Details

Hayawardh Vijayakumar discovered that AccountsService incorrectly handled
privileges when modifying the language settings on Ubuntu. A local attacker
could exploit this issue to modify arbitrary files, and possibly create a
denial of service or obtain increased privileges.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 11.10

After a standard system update you need to reboot your computer to make
all the necessary changes.

References