Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-1189HistoryApr 27, 2009 - 6:00 p.m.
CVE-2009-1189
2009-04-2718:00:00
Debian Security Bug Tracker
security-tracker.debian.org
12
3.6 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:P/A:P
7.3 High
AI Score
Confidence
High
0.011 Low
EPSS
Percentile
84.7%
The _dbus_validate_signature_with_reason function (dbus-marshal-validate.c) in D-Bus (aka DBus) before 1.2.14 uses incorrect logic to validate a basic type, which allows remote attackers to spoof a signature via a crafted key. NOTE: this is due to an incorrect fix for CVE-2008-3834.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | dbus | <Β 1.2.14-1 | dbus_1.2.14-1_all.deb |
| Debian | 11 | all | dbus | <Β 1.2.14-1 | dbus_1.2.14-1_all.deb |
| Debian | 10 | all | dbus | <Β 1.2.14-1 | dbus_1.2.14-1_all.deb |
| Debian | 999 | all | dbus | <Β 1.2.14-1 | dbus_1.2.14-1_all.deb |
| Debian | 13 | all | dbus | <Β 1.2.14-1 | dbus_1.2.14-1_all.deb |
Related
nessus
nessus
Mandriva Linux Security Advisory : dbus (MDVSA-2009:256-1)
2009-10-07 00:00:00
RHEL 5 : dbus (RHSA-2010:0018)
2010-01-08 00:00:00
Oracle Linux 5 : dbus (ELSA-2010-0018)
2013-07-12 00:00:00
openvas
openvas
CentOS Update for dbus CESA-2010:0018 centos5 i386
2011-08-09 00:00:00
Mandrake Security Advisory MDVSA-2009:256 (dbus)
2009-10-13 00:00:00
Mandriva Security Advisory MDVSA-2009:256-1 (dbus)
2009-12-10 00:00:00
nvd
nvd
CVE-2009-1189
2009-04-27 18:00:00
CVE-2008-3834
2008-10-07 21:01:52
ubuntucve
ubuntucve
CVE-2009-1189
2009-04-27 00:00:00
CVE-2008-3834
2008-10-07 00:00:00
prion
prion
Design/Logic Flaw
2009-04-27 18:00:00
Design/Logic Flaw
2008-10-07 21:01:00
cve
cve
CVE-2009-1189
2009-04-27 18:00:00
CVE-2008-3834
2008-10-07 21:01:52
oraclelinux
oraclelinux
dbus security update
2010-01-07 00:00:00
dbus security update
2009-01-07 00:00:00
cvelist
cvelist
CVE-2009-1189
2009-04-27 17:43:00
CVE-2008-3834
2008-10-07 19:00:00
ubuntu
ubuntu
D-Bus vulnerability
2009-07-13 00:00:00
D-Bus vulnerabilities
2008-10-14 00:00:00
veracode
veracode
Spoofable Signature
2020-04-10 00:41:57
Denial Of Service (DoS)
2020-04-10 00:30:36
redhat
redhat
(RHSA-2010:0018) Moderate: dbus security update
2010-01-07 00:00:00
(RHSA-2009:0008) Moderate: dbus security update
2009-01-07 00:00:00
packetstorm
packetstorm
D-Bus Daemon Denial Of Service
2009-01-20 00:00:00
exploitpack
exploitpack
D-Bus Daemon 1.2.4 - libdbus Denial of Service
2009-01-19 00:00:00
gentoo
gentoo
D-Bus: Denial of service
2009-01-11 00:00:00
seebug
seebug
D-Bus Daemon < 1.2.4 (libdbus) Denial of Service Exploit
2009-01-19 00:00:00
D-Bus dbus_signature_validate()η±»εηΎεζη»ζε‘ζΌζ΄
2008-10-10 00:00:00
D-Bus Daemon < 1.2.4 - (libdbus) Denial of Service Exploit
2014-07-01 00:00:00
osv
osv
dbus - denial of service
2008-10-22 00:00:00
centos
centos
dbus security update
2010-01-08 01:04:41
dbus security update
2009-01-08 16:06:24
debian
debian
[SECURITY] [DSA 1837-1] New dbus packages fix denial of service
2009-07-18 08:56:27
[SECURITY] [DSA 1658-1] New dbus packages fix denial of service
2008-10-22 19:50:25
fedora
fedora
[SECURITY] Fedora 9 Update: dbus-1.2.4-1.fc9
2008-10-09 21:35:00
debiancve
debiancve
CVE-2008-3834
2008-10-07 21:01:52
securityvulns
securityvulns
dbus DoS
2009-07-20 00:00:00
[SECURITY] [DSA 1837-1] New dbus packages fix denial of service
2009-07-20 00:00:00
exploitdb
exploitdb
D-Bus Daemon < 1.2.4 - 'libdbus' Denial of Service
2009-01-19 00:00:00
vmware
vmware
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
3.6 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:P/A:P
7.3 High
AI Score
Confidence
High
0.011 Low
EPSS
Percentile
84.7%
Related for DEBIANCVE:CVE-2009-1189