3 matches found
dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass
A flaw was found in dbus. The implementation of DBUSCOOKIESHA1 is susceptible to a symbolic link attack. A malicious client with write access to its own home directory could manipulate a /.dbus-keyrings symlink to cause the DBusServer to read and write in unintended locations resulting in an...
dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass
A flaw was found in dbus. The implementation of DBUSCOOKIESHA1 is susceptible to a symbolic link attack. A malicious client with write access to its own home directory could manipulate a /.dbus-keyrings symlink to cause the DBusServer to read and write in unintended locations resulting in an...
PT-2019-3286
Name of the Vulnerable Software and Affected Versions dbus versions 1.10.28 and earlier, 1.12.x prior to 1.12.16, and 1.13.x prior to 1.13.12 Description The issue is related to the DBUS COOKIE SHA1 authentication mechanism in the libdbus library, which is used in DBusServer in Canonical Upstart ...