Lucene search

K

[email protected]NVD:CVE-2015-0245

HistoryFeb 13, 2015 - 3:59 p.m.

CVE-2015-0245

2015-02-1315:59:08

CWE-362

[email protected]

web.nvd.nist.gov

8

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:N/A:P

AI Score

5.3

Confidence

High

EPSS

0

Percentile

5.1%

D-Bus 1.4.x through 1.6.x before 1.6.30, 1.8.x before 1.8.16, and 1.9.x before 1.9.10 does not validate the source of ActivationFailure signals, which allows local users to cause a denial of service (activation failure error returned) by leveraging a race condition involving sending an ActivationFailure signal before systemd responds.

Affected configurations

Nvd

Node

freedesktopdbusMatch1.4.0

OR

freedesktopdbusMatch1.4.1

OR

freedesktopdbusMatch1.4.4

OR

freedesktopdbusMatch1.4.6

OR

freedesktopdbusMatch1.4.8

OR

freedesktopdbusMatch1.4.10

OR

freedesktopdbusMatch1.4.12

OR

freedesktopdbusMatch1.4.14

OR

freedesktopdbusMatch1.4.16

OR

freedesktopdbusMatch1.4.18

OR

freedesktopdbusMatch1.4.20

OR

freedesktopdbusMatch1.4.24

OR

freedesktopdbusMatch1.4.26

OR

freedesktopdbusMatch1.5.0

OR

freedesktopdbusMatch1.5.2

OR

freedesktopdbusMatch1.5.4

OR

freedesktopdbusMatch1.5.6

OR

freedesktopdbusMatch1.5.8

OR

freedesktopdbusMatch1.5.10

OR

freedesktopdbusMatch1.5.12

OR

freedesktopdbusMatch1.6.0

OR

freedesktopdbusMatch1.6.2

OR

freedesktopdbusMatch1.6.4

OR

freedesktopdbusMatch1.6.6

OR

freedesktopdbusMatch1.6.8

OR

freedesktopdbusMatch1.6.10

OR

freedesktopdbusMatch1.6.12

OR

freedesktopdbusMatch1.6.14

OR

freedesktopdbusMatch1.6.16

OR

freedesktopdbusMatch1.6.18

OR

freedesktopdbusMatch1.6.20

OR

freedesktopdbusMatch1.6.22

OR

freedesktopdbusMatch1.6.24

OR

freedesktopdbusMatch1.6.26

OR

freedesktopdbusMatch1.6.28

OR

freedesktopdbusMatch1.8.0

OR

freedesktopdbusMatch1.8.2

OR

freedesktopdbusMatch1.8.4

OR

freedesktopdbusMatch1.8.6

OR

freedesktopdbusMatch1.8.8

OR

freedesktopdbusMatch1.8.10

OR

freedesktopdbusMatch1.8.12

OR

freedesktopdbusMatch1.8.14

OR

freedesktopdbusMatch1.9.0

OR

freedesktopdbusMatch1.9.2

OR

freedesktopdbusMatch1.9.4

OR

freedesktopdbusMatch1.9.6

OR

freedesktopdbusMatch1.9.8

Node

opensuseopensuseMatch13.1

OR

opensuseopensuseMatch13.2

References

advisories.mageia.org/MGASA-2015-0071.html

lists.opensuse.org/opensuse-updates/2015-02/msg00066.html

www.debian.org/security/2015/dsa-3161

www.mandriva.com/security/advisories?name=MDVSA-2015:176

www.openwall.com/lists/oss-security/2015/02/09/6

www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:N/A:P

AI Score

5.3

Confidence

High

EPSS

0

Percentile

5.1%

Related for NVD:CVE-2015-0245

mageia1 nessus12 openvas11 ubuntucve1 debiancve1 cve1 cvelist1 ubuntu1 archlinux2 securityvulns2 debian2 altlinux1 gentoo2 osv1 prion1 cloudfoundry1 photon2 fedora2 suse2