111 matches found
CVE-2018-19358
GNOME Keyring through 3.28.2 allows local users to retrieve login credentials via a Secret Service API call and the D-Bus interface if the keyring is unlocked, a similar issue to CVE-2008-7320. One perspective is that this occurs because available D-Bus protection mechanisms involving the busconf...
[SECURITY] [DLA 1494-1] gdm3 security update
Package: gdm3. Version: 3.14.1-7+deb8u1. CVE ID: CVE-2018-14424. The daemon in GDM does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulti...
CVE-2018-14424
The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or potential code...
KDE kauth and kdelibs Logic Flaw Lets Local Users Obtain Root Privileges (CVE-2017-8422)
This document describes a generic root exploit against kde. The exploit is achieved by abusing a logic flaw within the KAuth framework which is present in kde4 org.kde.auth and kde5 org.kde.kf5auth. It is possible to spoof what KAuth calls callerID's which are indeed D-Bus unique names of the...
CentOS 7 : firewalld (CESA-2016:2597)
An update for firewalld is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
Moderate: Red Hat Security Advisory: firewalld security, bug fix, and enhancement update
An update for firewalld is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
[SECURITY] Fedora 25 Update: firewalld-0.4.3.3-1.fc25
firewalld is a firewall service daemon that provides a dynamic customizable firewall with a D-Bus interface...
[SECURITY] Fedora 22 Update: rolekit-0.3.2-2.fc22
rolekit is a server daemon that provides a D-Bus interface and server roles...
[SECURITY] Fedora 23 Update: rolekit-0.4.0-4.rc1.fc23
rolekit is a server daemon that provides a D-Bus interface and server roles...
CVE-2012-2095
The SetWiredProperty function in the D-Bus interface in WICD before 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message...
CVE-2012-2095
The CVE-2012-2095 issue affects WICD before 1.7.2, where the SetWiredProperty function in the D-Bus interface allows local users to write arbitrary configuration and gain privileges via a crafted property name in a dbus message. This is a local-privilege-escalation vulnerability with CVSS v2 base...
Scientific Linux Security Update : NetworkManager on SL5.x i386/x86_64
CVE-2009-4145 NetworkManager: information disclosure by nm-connection-editor; CVE-2009-4144 NetworkManager: WPA enterprise network not verified when certificate is removed. A missing network certificate verification flaw was found in NetworkManager. If a user created a WPA Enterprise or 802.1x...
GLSA-201206-08 : Wicd: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201206-08 (Wicd: Multiple vulnerabilities). Two vulnerabilities have been found in Wicd: Passwords and passphrases are written to /var/log/wicd (CVE-2012-0813). Input from the daemon's D-Bus interface is not properly sanitized...
CVE-2011-0725
Absolute path traversal vulnerability in the org.debian.apt.UpdateCachePartially method in worker.py in Aptdaemon 0.40 in Ubuntu 10.10 and 11.04 allows local users to read arbitrary files via a full pathname in the sourceslist argument, related to the D-Bus interface...
Path traversal
Absolute path traversal vulnerability in the org.debian.apt.UpdateCachePartially method in worker.py in Aptdaemon 0.40 in Ubuntu 10.10 and 11.04 allows local users to read arbitrary files via a full pathname in the sourceslist argument, related to the D-Bus interface...
USN-1068-1: Aptdaemon vulnerability
Sergey Nizovtsev discovered that Aptdaemon incorrectly filtered certain arguments when using its D-Bus interface. A local attacker could use this flaw to bypass security restrictions and view sensitive information by reading arbitrary files...