Run: PwnKit mitigation - Restore default permissions on pkexec - UNDO MITIGATION
Log In or Register to download the BES file, and more.

0 Votes

Description


This task restore the default permission on the pkexec file, that is. -rwsr-xr-x
It is a generic command that can be deployed on all Linux-based endpoints
chmod u+s /usr/bin/pkexec

This task can be used in case the PwnKit mitigation task damaged an application running on the target endpoint. It will restore the default permissions on the pkexec file that were modified by the mitigation task.
Use this task with care and test thoroughly in your environment

NOTE: The task restores the default (-rwsr-xr-x) to the pkexec file.


Property Details

ID26904
StatusBeta - Preliminary testing ready for more
TitleRun: PwnKit mitigation - Restore default permissions on pkexec - UNDO MITIGATION
DomainBESC
CategoryWorkaround
SourceCommunity Content
Source SeverityImportant
Source Release Date1/28/2022 12:00:00 AM
CVENamesCVE-2021-4034
KeywordsCVE-2021-4034 BETA
Added by on 2/1/2022 6:38:00 AM
Last Modified by on 2/1/2022 6:38:00 AM
Counters 1614 Views / 4 Downloads
User Rating 1 star 2 star 3 star 4 star 5 star * Average over 0 ratings. ** Log In or Register to add your rating.

Relevance

Used in 1 fixlet   * Results in a true/false
Show indented relevance
exists file "/usr/bin/pkexec" and mode of file "/usr/bin/pkexec" as string != "rwsr-xr-x"

Actions

Action 1 (default)

Action Link Click here to deploy this action.
Script Type BigFix Action Script
// Enter your action script here
wait "/bin/bash" -c "chmod u+s /usr/bin/pkexec"
Success Criteria

This action will be considered successful when all lines of the action script have completed successfully.


Sharing

Social Media:
Share this page on Yammer

Comments

Log In or Register to leave comments!