gksu-polkit-0.0.3-6.fc18 was reported as fixing the issue in CVE-2012-5617, but the patch was improperly applied and it did not fix the security issue.
CVE-2013-4161 exposes a vulnerability in the gksu-polkit package, allowing for privilege escalation due to an improperly applied patch. This flaw enables attackers to execute arbitrary commands with elevated privileges, potentially leading to system compromise and data exfiltration.
Step 1: Trigger Condition: The attacker identifies a system running a vulnerable version of gksu-polkit.
Step 2: Input Manipulation: The attacker crafts a malicious command or input designed to exploit the vulnerability. This could involve injecting shell commands or manipulating environment variables.
Step 3: Command Injection: The attacker provides the malicious input to gksu-polkit, potentially through a crafted application or script.
Step 4: Privilege Escalation: Due to the flawed patch, gksu-polkit fails to properly sanitize the input, and the malicious command is executed with elevated privileges (root or another privileged user).
Step 5: System Compromise: The attacker gains control of the system, allowing for data theft, system modification, or further exploitation.
The root cause lies in the incomplete or incorrect application of the patch intended to fix CVE-2012-5617. The original vulnerability likely involved a flaw in how gksu-polkit handled user input or command execution, potentially allowing for the injection of malicious commands. The patch, meant to address this, was either missing crucial components or implemented incorrectly, leaving the underlying vulnerability exploitable. The specific function or logic flaw is not explicitly detailed in the CVE description, but it is implied that the patch failed to correctly sanitize or validate user-supplied input before passing it to a privileged process, creating a pathway for command injection and privilege escalation.
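Because gksu-polkit-0.0.3-6.fc18 was reported as fixed, an inventory check that trusts the "fixed in" build will mark it as patched. The following added example (not code from the gksu-polkit project or the advisory) classifies `rpm -qa` style lines using only the build named above; the sample package lines are constructed, the version comparison is a simplified stand-in for RPM's own, and treating earlier fc18 builds as lacking the CVE-2012-5617 patch is an assumption.

```python
import re

# Build named on the page: reported as fixing CVE-2012-5617, but the patch
# was misapplied, so it remains vulnerable (CVE-2013-4161).
PKG, BAD_VER, BAD_REL, DIST = "gksu-polkit", "0.0.3", "6", "fc18"
NVR = re.compile(rf"{re.escape(PKG)}-([^-]+)-(\d[^.]*)\.(fc\d+)(?:\.\w+)?")

def _segments(s):
    # "0.0.3" -> [0, 0, 3]; alphabetic runs stay as strings
    return [int(t) if t.isdigit() else t for t in re.findall(r"\d+|[A-Za-z]+", s)]

def vercmp(a, b):
    """Simplified RPM-style compare (no epoch, '~' or '^' handling)."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x == y:
            continue
        if isinstance(x, int) != isinstance(y, int):
            return 1 if isinstance(x, int) else -1  # numeric sorts newer
        return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def classify(line):
    """Classify one `rpm -qa` style line; None for unrelated packages."""
    m = NVR.fullmatch(line.strip())
    if not m:
        return None
    ver, rel, dist = m.groups()
    if dist != DIST:
        return "unknown: page only names an fc18 build"
    c = vercmp(ver, BAD_VER) or vercmp(rel, BAD_REL)
    if c < 0:
        return "vulnerable: predates the attempted CVE-2012-5617 fix (assumed)"
    if c == 0:
        return "vulnerable: CVE-2013-4161, fix reported but misapplied"
    return "unknown: newer than the build on the page, check the advisory"

def audit(lines):
    """Map each gksu-polkit line to its classification."""
    return {l: r for l in lines if (r := classify(l)) is not None}

# Constructed sample of `rpm -qa` output, not taken from a real host.
SAMPLE = ["bash-4.2.39-3.fc18.x86_64", "gksu-polkit-0.0.3-5.fc18.x86_64",
          "gksu-polkit-0.0.3-6.fc18.x86_64", "gksu-polkit-0.0.3-7.fc18.x86_64"]

if __name__ == "__main__":
    for pkg, verdict in audit(SAMPLE).items():
        print(f"{pkg}: {verdict}")
```

Builds newer than the one named here are reported as unknown rather than fixed, since this page does not state which build carries the corrected patch.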