{
  "modified": "2025-08-09T19:01:28Z",
  "published": "2012-10-01T23:55:00Z",
  "id": "CVE-2011-4945",
  "details": "PolicyKit 0.103 sets the AdminIdentities to \"wheel\" by default, which allows local users in the wheel group to gain root privileges without authentication.",
  "references": [
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/48817"
    },
    {
      "type": "ADVISORY",
      "url": "http://security.gentoo.org/glsa/glsa-201204-06.xml"
    },
    {
      "type": "WEB",
      "url": "http://cgit.freedesktop.org/PolicyKit/commit/?id=763faf434b445c20ae9529100d3ef5290976d0c9"
    },
    {
      "type": "WEB",
      "url": "http://patch-tracker.debian.org/patch/series/view/policykit-1/0.104-2/05_revert-admin-identities-unix-group-wheel.patch"
    },
    {
      "type": "WEB",
      "url": "http://www.mail-archive.com/polkit-devel%40lists.freedesktop.org/msg00327.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2012/03/28/1"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2012/03/28/2"
    },
    {
      "type": "WEB",
      "url": "https://bugs.gentoo.org/show_bug.cgi?id=401513"
    },
    {
      "type": "WEB",
      "url": "https://launchpad.net/ubuntu/+source/policykit-1/0.103-1"
    }
  ]
}
