MiracleLinux 4 : dbus-1.2.24-7.AXS4 (AXSA:2012-954:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-954:01 advisory. D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messagin...

NewStart CGSL MAIN 6.02 : dbus Multiple Vulnerabilities (NS-SA-2022-0093)

The remote NewStart CGSL host, running version MAIN 6.02, has dbus packages installed that are affected by multiple vulnerabilities: - Unspecified vulnerability in the matchruleequal function in bus/signals.c in D-Bus before 1.0.2 allows local applications to remove match rules for other...

SUSE: Security Advisory (SUSE-SU-2012:1155-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2012:1155-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 201406-01

Gentoo Linux Local Security Checks GLSA 201406-01 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Amazon Linux: Security Advisory (ALAS-2012-128)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : dbus-1 (openSUSE-SU-2015:0111-1)

This update fixes the following security issues : - CVE-2014-8148 : - Do not allow calls to UpdateActivationEnvironment from uids other than the uid of the dbus-daemon. If a system service installs unsafe security policy rules that allow arbitrary method calls such as CVE-2014-8148 then this...

Oracle Solaris Third-Party Patch Update : libdbus (cve_2012_3524_permissions_privileges)

The remote Solaris system is missing necessary patches to address security updates : - libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUSSYSTEMBUSADDRESS...

libdbus 'DBUS_SYSTEM_BUS_ADDRESS' Local Privilege Escalation

No description provided by source. / dzug.c CVE-2012-3524 PoC C 2012 Sebastian Krahmer Trivial non-dbus root exploit. Yes, it is 2012! The underlying bug insecure getenv by default has been reported ages ago, but nobody really cared. Unless you have an exploit... / include stdio.h include stdlib....

openSUSE Security Update : dbus-1 / dbus-1-x11 (openSUSE-SU-2012:1287-1)

This update fixed CVE-2012-3524 getenv vulnerability, which can be used by local attackers to escalate privileges to root. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-670. Th...

Amazon Linux AMI : dbus (ALAS-2012-128)

It was discovered that the D-Bus library honored environment settings even when running with elevated privileges. A local attacker could possibly use this flaw to escalate their privileges, by setting specific environment variables before running a setuid or setgid application linked against the...

Mandriva Linux Security Advisory : dbus (MDVSA-2013:070)

Updated dbus packages fix security vulnerability : It was discovered that the D-Bus library honored environment settings even when running with elevated privileges. A local attacker could possibly use this flaw to escalate their privileges, by setting specific environment variables before running...

Mandriva Linux Security Advisory : glib2.0 (MDVSA-2013:083)

Updated glib2.0 packages fix security vulnerability : It was discovered that the version of glib shipped with MBS 1 does not sanitise certain DBUS related environment variables. When used in combination with a setuid application which utilises dbus via glib, a local user could gain escalated...

SuSE 11.2 Security Update : dbus-1 (SAT Patch Number 6733)

This update fixes a vulnerability in the DBUS auto-launching feature that allowed local users to execute arbitrary programs as root. CVE-2012-3524 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

Fedora Update for dbus FEDORA-2012-14126

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora 16 : dbus-1.4.10-4.fc16 (2012-14126)

Resolves https://bugzilla.redhat.com/showbug.cgi?id=857226 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

Ubuntu: Security Advisory (USN-1576-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

update for dbus-1, dbus-1-x11 (important)

This update fixed CVE-2012-3524 getenv vulnerability, which can be used by local attackers to escalate privileges to root...

[USN-1576-1] DBus vulnerability

========================================================================== Ubuntu Security Notice USN-1576-1 September 20, 2012 dbus vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

Important: Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update

An updated rhev-hypervisor6 package that fixes multiple security issues and one bug is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...