Lucene search
Copyright (c) 2011 Greenbone Networks GmbHOPENVAS:870414HistoryMar 25, 2011 - 12:00 a.m.
RedHat Update for dbus RHSA-2011:0376-01
2011-03-2500:00:00
Copyright (c) 2011 Greenbone Networks GmbH
plugins.openvas.org
9
0.0004 Low
EPSS
Percentile
8.6%
Check for the Version of dbus
###############################################################################
# OpenVAS Vulnerability Test
#
# RedHat Update for dbus RHSA-2011:0376-01
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "D-Bus is a system for sending messages between applications. It is used for
the system-wide message bus service and as a per-user-login-session
messaging facility.
A denial of service flaw was discovered in the system for sending messages
between applications. A local user could send a message with an excessive
number of nested variants to the system-wide message bus, causing the
message bus (and, consequently, any process using libdbus to receive
messages) to abort. (CVE-2010-4352)
All users are advised to upgrade to these updated packages, which contain a
backported patch to correct this issue. For the update to take effect, all
running instances of dbus-daemon and all running applications using the
libdbus library must be restarted, or the system rebooted.";
tag_affected = "dbus on Red Hat Enterprise Linux (v. 5 server)";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "https://www.redhat.com/archives/rhsa-announce/2011-March/msg00039.html");
script_id(870414);
script_version("$Revision: 6685 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $");
script_tag(name:"creation_date", value:"2011-03-25 15:26:27 +0100 (Fri, 25 Mar 2011)");
script_tag(name:"cvss_base", value:"2.1");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:N/I:N/A:P");
script_xref(name: "RHSA", value: "2011:0376-01");
script_cve_id("CVE-2010-4352");
script_name("RedHat Update for dbus RHSA-2011:0376-01");
script_summary("Check for the Version of dbus");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
script_family("Red Hat Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "RHENT_5")
{
if ((res = isrpmvuln(pkg:"dbus", rpm:"dbus~1.1.2~15.el5_6", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"dbus-debuginfo", rpm:"dbus-debuginfo~1.1.2~15.el5_6", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"dbus-devel", rpm:"dbus-devel~1.1.2~15.el5_6", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"dbus-libs", rpm:"dbus-libs~1.1.2~15.el5_6", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"dbus-x11", rpm:"dbus-x11~1.1.2~15.el5_6", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
Related
nessus
nessus
openSUSE Security Update : dbus-1 (openSUSE-SU-2011:0401-1)
2014-06-13 00:00:00
Fedora 13 : dbus-1.2.24-2.fc13 (2010-19178)
2011-04-13 00:00:00
RHEL 5 / 6 : dbus (RHSA-2011:0376)
2011-03-23 00:00:00
securityvulns
securityvulns
D-Bus DoS
2011-01-19 00:00:00
[USN-1044-1] D-Bus vulnerability
2011-01-19 00:00:00
[ GLSA 201110-14 ] D-Bus: Multiple vulnerabilities
2011-10-26 00:00:00
cve
cve
CVE-2010-4352
2010-12-30 19:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-1044-1)
2011-01-21 00:00:00
Oracle: Security Advisory (ELSA-2011-0376)
2015-10-06 00:00:00
CentOS Update for dbus CESA-2011:0376 centos5 x86_64
2012-07-30 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: dbus-1.2.24-2.fc13
2011-04-12 21:30:00
[SECURITY] Fedora 14 Update: dbus-1.4.0-2.fc14
2010-12-25 00:27:38
[SECURITY] Fedora 14 Update: dbus-1.4.0-3.fc14
2011-08-13 02:28:01
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:00:25
centos
centos
dbus security update
2011-04-14 23:47:56
redhat
redhat
(RHSA-2011:0376) Moderate: dbus security update
2011-03-22 00:00:00
(RHSA-2011:0439) Moderate: rhev-hypervisor security and bug fix update
2011-04-13 00:00:00
oraclelinux
oraclelinux
dbus security update
2011-03-22 00:00:00
dbus security update
2011-08-09 00:00:00
debian
debian
[SECURITY] [DSA 2149-1] Security update for dbus
2011-01-20 16:06:34
osv
osv
dbus - denial of service
2011-01-20 00:00:00
ubuntucve
ubuntucve
CVE-2010-4352
2010-12-30 00:00:00
ubuntu
ubuntu
D-Bus vulnerability
2011-01-18 00:00:00
debiancve
debiancve
CVE-2010-4352
2010-12-30 19:00:00
prion
prion
Stack overflow
2010-12-30 19:00:00
gentoo
gentoo
D-Bus: Multiple vulnerabilities
2011-10-21 00:00:00