19 matches found
MiracleLinux 3 : dbus-1.1.2-12.AXS3.1 (AXSA:2010-35:01)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2010-35:01 advisory. D-BUS is a system for sending messages between applications. It is used both for the systemwide message bus service, and as a per-user-login-session messaging...
NewStart CGSL MAIN 6.02 : dbus Multiple Vulnerabilities (NS-SA-2022-0093)
The remote NewStart CGSL host, running version MAIN 6.02, has dbus packages installed that are affected by multiple vulnerabilities: - Unspecified vulnerability in the matchruleequal function in bus/signals.c in D-Bus before 1.0.2 allows local applications to remove match rules for other...
RHEL 5 : rhev-hypervisor (RHSA-2010:0476)
An updated rhev-hypervisor package that fixes two security issues, multiple bugs, and adds enhancements is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severit...
RHEL 3 / 4 : flash-plugin (RHSA-2009:1189)
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 3 and 4 Extras. This update has been rated as having critical security impact by the Red Hat Security Response Team. The flash-plugin package contains a Mozilla Firefox compatib...
Scientific Linux Security Update : dbus on SL5.x i386/x86_64
It was discovered that the last dbus security update did not correctly fix the denial of service flaw in the system for sending messages between applications. A local user could use this flaw to send a message with a malformed signature to the bus, causing the bus and, consequently, any process...
SuSE 10 Security Update : dbus (ZYPP Patch Number 7482)
Local users could crash the D-Bus daemon by sending a specially crafted message CVE-2010-4352. This update also properly fixes CVE-2008-3834 / CVE-2009-1189. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'...
SuSE 11.1 Security Update : dbus (SAT Patch Number 4434)
Local users could crash the D-Bus daemon by sending a specially crafted message CVE-2010-4352. This update also properly fixes CVE-2008-3834 / CVE-2009-1189. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11...
SuSE 10 Security Update : dbus (ZYPP Patch Number 7483)
Local users could crash the D-Bus daemon by sending a specially crafted message CVE-2010-4352. This update also properly fixes CVE-2008-3834 / CVE-2009-1189. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'...
RHEL 5 : dbus (RHSA-2010:0018)
Updated dbus packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. D-Bus is a system for sending messages between applications. It is used for the system-wide messag...
dbus security update
1.1.2-12.el54.1 - CVE-2009-1189 dbus: invalid fix for CVE-2008-3834...
Mandriva Linux Security Advisory : dbus (MDVSA-2009:256-1)
A vulnerability was discovered and corrected in dbus : The dbusvalidatesignaturewithreason function dbus-marshal-validate.c in D-Bus aka DBus uses incorrect logic to validate a basic type, which allows remote attackers to spoof a signature via a crafted key. NOTE: this is due to an incorrect fix...
Ubuntu USN-799-1 (dbus)
The remote host is missing an update to dbus announced via advisory USN-799-1. OpenVAS Vulnerability Test $Id: ubuntu7991.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7991.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-799-1 dbus Authors: Thomas Reinke...
[SECURITY] [DSA 1837-1] New dbus packages fix denial of service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1837-1 [email protected] http://www.debian.org/security/ Steffen Joeris July 18, 2009 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1837-1] New dbus packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-1837-1 [email protected] http://www.debian.org/security/ Steffen Joeris July 18, 2009 http://www.debian.org/security/faq -...
Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : dbus vulnerability (USN-799-1)
It was discovered that the D-Bus library did not correctly validate signatures. If a local user sent a specially crafted D-Bus key, they could spoof a valid signature and bypass security policies. Note that Tenable Network Security has extracted the preceding description block directly from the...
CVE-2009-1189
The dbusvalidatesignaturewithreason function dbus-marshal-validate.c in D-Bus aka DBus before 1.2.14 uses incorrect logic to validate a basic type, which allows remote attackers to spoof a signature via a crafted key. NOTE: this is due to an incorrect fix for CVE-2008-3834...
CVE-2009-1189
The dbusvalidatesignaturewithreason function dbus-marshal-validate.c in D-Bus aka DBus before 1.2.14 uses incorrect logic to validate a basic type, which allows remote attackers to spoof a signature via a crafted key. NOTE: this is due to an incorrect fix for CVE-2008-3834...
CVE-2009-1189
The dbusvalidatesignaturewithreason function dbus-marshal-validate.c in D-Bus aka DBus before 1.2.14 uses incorrect logic to validate a basic type, which allows remote attackers to spoof a signature via a crafted key. NOTE: this is due to an incorrect fix for CVE-2008-3834...
CVE-2009-1189
The vulnerability CVE-2009-1189 affects the D-Bus library (libdbus) in versions before 1.2.14, due to incorrect logic in _dbus_validate_signature_with_reason (dbus-marshal-validate.c). This flaw allows remote attackers to spoof a signature via a crafted key. The issue stems from an incomplete fix...