15 matches found
EUVD-2024-27691
Malicious code in bioql PyPI...
CVE-2024-2746
Incomplete fix for CVE-2024-1929 The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon accepted arbitrary configuration parameters from unprivileged users, which allowed a local root exploit by tricking the daemon into loading a user controlled "plugin". All of this happened before Polkit...
CVE-2024-2746
Incomplete fix for CVE-2024-1929 The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon accepted arbitrary configuration parameters from unprivileged users, which allowed a local root exploit by tricking the daemon into loading a user controlled "plugin". All of this happened before Polkit...
CVE-2024-2746 Incomplete fix for CVE-2024-1929
Incomplete fix for CVE-2024-1929 The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon accepted arbitrary configuration parameters from unprivileged users, which allowed a local root exploit by tricking the daemon into loading a user controlled "plugin". All of this happened before Polkit...
D-Bus: Multiple Vulnerabilities
Background D-Bus is a daemon providing a framework for applications to communicate with one another. Description Multiple vulnerabilities have been discovered in D-Bus. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...
Debian DSA-3099-1 : dbus - security update
Simon McVittie discovered that the fix for CVE-2014-3636 was incorrect, as it did not fully address the underlying denial-of-service vector. This update starts the D-Bus daemon as root initially, so that it can properly raise its file descriptor count. In addition, this update reverts the...
Debian Security Advisory DSA 3099-1 (dbus - security update)
Simon McVittie discovered that the fix for CVE-2014-3636 was incorrect, as it did not fully address the underlying denial-of-service vector. This update starts the D-Bus daemon as root initially, so that it can properly raise its file descriptor count. In addition, this update reverts the...
D-Bus Daemon < 1.2.4 - (libdbus) Denial of Service Exploit
No description provided by source. / cve-2008-3834.c D-Bus Daemon Denial of Service 1.2.4 Jon Oberheide [email protected] http://jon.oberheide.org Usage: $ gcc pkg-config dbus-1 --cflags cve-2008-3834.c pkg-config dbus-1 --libs -o cve-2008-3834 $ ./cve-2008-3834 Information:...
openSUSE Security Update : dbus-1 (openSUSE-SU-2011:0401-1)
Local users could crash the D-Bus daemon by sending a specially crafted message CVE-2010-4352. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update dbus-1-4431. The text description of this plugin ...
SuSE 10 Security Update : dbus (ZYPP Patch Number 7482)
Local users could crash the D-Bus daemon by sending a specially crafted message CVE-2010-4352. This update also properly fixes CVE-2008-3834 / CVE-2009-1189. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'...
openSUSE Security Update : dbus-1 (openSUSE-SU-2011:0401-1)
Local users could crash the D-Bus daemon by sending a specially crafted message CVE-2010-4352. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update dbus-1-4431. The text description of this plugin ...
SuSE 11.1 Security Update : dbus (SAT Patch Number 4434)
Local users could crash the D-Bus daemon by sending a specially crafted message CVE-2010-4352. This update also properly fixes CVE-2008-3834 / CVE-2009-1189. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11...
SuSE 10 Security Update : dbus (ZYPP Patch Number 7483)
Local users could crash the D-Bus daemon by sending a specially crafted message CVE-2010-4352. This update also properly fixes CVE-2008-3834 / CVE-2009-1189. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'...
Ubuntu Update for dbus vulnerabilities USN-653-1
Ubuntu Update for Linux kernel vulnerabilities USN-653-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6531.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for dbus vulnerabilities USN-653-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
D-Bus Daemon < 1.2.4 - 'libdbus' Denial of Service
/ cve-2008-3834.c D-Bus Daemon Denial of Service http://jon.oberheide.org Usage: $ gcc pkg-config dbus-1 --cflags cve-2008-3834.c pkg-config dbus-1 --libs -o cve-2008-3834 $ ./cve-2008-3834 Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3834 The dbussignaturevalidate function...