58 matches found
NULL Pointer Dereference
tcmu-runner is vulnerable to NULL pointer dereference. The vulnerability exists in the UnregisterHandler method implemented in the tcmu-runner daemon. A local, non-root user with access to the D-Bus system bus could call UnregisterHandler method with non-existing tcmu handler as paramater to...
OPENSUSE-SU-2019:1246-1 Security update for blueman
This update for blueman fixes the following issues: The following security issue was addressed: - Fixed the polkit authorization checks in blueman, which previously allowed any user with access to the D-Bus system bus to trigger certain network configuration logic in blueman without authenticatio...
MGASA-2018-0414 Updated blueman packages fix security vulnerability
Flawed polkit authorization checks in blueman allowed any user with access to the D-Bus system bus to trigger certain network configuration logic in blueman without authentication boo1083066...
Moderate: Red Hat Security Advisory: tcmu-runner security update
An update for tcmu-runner is now available for Red Hat Gluster Storage 3.3.1 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
CVE-2017-1000200
A NULL pointer dereference flaw was found in the UnregisterHandler method implemented in the tcmu-runner daemon. A local, non-root user with access to the D-Bus system bus could call the UnregisterHandler method with the name of a handler loaded internally in tcmu-runner via dlopen to trigger DoS...
CVE-2017-1000201
A NULL pointer dereference flaw was found in the UnregisterHandler method implemented in the tcmu-runner daemon. A local, non-root user with access to the D-Bus system bus could call UnregisterHandler method with non-existing tcmu handler as paramater to trigger DoS...
USN-3116-1 dbus vulnerabilities
It was discovered that DBus incorrectly validated the source of ActivationFailure signals. A local attacker could use this issue to cause a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. CVE-2015-0245 It was discovered that DBus incorrectly handled certain...
Vulnerabilities in the SUSE Linux Enterprise operating system that allow attackers to compromise the confidentiality, integrity, and accessibility of protected information
Multiple vulnerabilities exist in the dbus-1-glib-debuginfo-32bit package of the SUSE Linux Enterprise operating system. Exploitation of these vulnerabilities may lead to breaches of confidentiality, integrity, and accessibility of protected information. The exploitation of these vulnerabilities...
Vulnerabilities in the OpenSUSE operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the dbus-1-qt3-debugsource package of the OpenSUSE operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of these vulnerabilities can be carried out by a malicious individual who has complete...
D-Bus Local Denial of Service Vulnerability
D-Bus is an inter-process communication IPC implementation. It is used to send messages between applications. D-Bus suffers from a local denial of service vulnerability that can be exploited by a local attacker to crash the system and deny service to legitimate users...
D-Bus: Multiple Vulnerabilities
Background D-Bus is a message bus system, a simple way for applications to talk to one another. Description Multiple vulnerabilities have been discovered in D-Bus. Please review the CVE identifiers referenced below for details. Impact A local attacker could possibly cause a Denial of Service...
UBUNTU-CVE-2014-7824
D-Bus 1.3.0 through 1.6.x before 1.6.26, 1.8.x before 1.8.10, and 1.9.x before 1.9.2 allows local users to cause a denial of service prevention of new connections and connection drop by queuing the maximum number of file descriptors. NOTE: this vulnerability exists because of an incomplete fix fo...
UBUNTU-CVE-2014-3638
The busconnectionscheckreply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service CPU consumption via a large number of method calls...
DEBIAN-CVE-2010-4352
Stack consumption vulnerability in D-Bus aka DBus before 1.4.1 allows local users to cause a denial of service daemon crash via a message containing many nested variants...
Fedora Update for dbus FEDORA-2010-19166
Check for the Version of dbus OpenVAS Vulnerability Test Fedora Update for dbus FEDORA-2010-19166 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Moderate: Red Hat Security Advisory: dbus security update
Updated dbus packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. D-Bus is a system for sending messages between applications. It is used for the system-wide messag...
DEBIAN-CVE-2005-0201
D-BUS dbus before 0.22 does not properly restrict access to a socket, if the socket address is known, which allows local users to listen or send arbitrary messages on another user's per-user session bus via that socket...
Mandrake Linux Security Advisory : dbus (MDKSA-2005:105)
Dan Reed discovered a vulnerability in the D-BUS system for sending messages between applications. He found that a user can send and listen to messages on another user's per-user session bus if they knew the address of the socket. The updated packages have been patched to correct this problem...