2005 matches found
DEBIAN-CVE-2009-1189
The dbusvalidatesignaturewithreason function dbus-marshal-validate.c in D-Bus aka DBus before 1.2.14 uses incorrect logic to validate a basic type, which allows remote attackers to spoof a signature via a crafted key. NOTE: this is due to an incorrect fix for CVE-2008-3834...
CVE-2009-1189
The vulnerability CVE-2009-1189 affects the D-Bus library (libdbus) in versions before 1.2.14, due to incorrect logic in _dbus_validate_signature_with_reason (dbus-marshal-validate.c). This flaw allows remote attackers to spoof a signature via a crafted key. The issue stems from an incomplete fix...
PT-2009-1011 · Freedesktop.Org +1 · D-Bus +1
Name of the Vulnerable Software and Affected Versions: D-Bus versions prior to 1.2.14 D-Bus version 1.1.2 Description: The issue is due to incorrect logic used in the dbus validate signature with reason function to validate a basic type, allowing remote attackers to spoof a signature via a crafte...
MDVA-2008:135-1 : draksnapshot
This update fixes several issues in draksnapshot: The draksnapshot applet received the following fixes: - on desktop startup, it will wait for 30s before checking for available disc so that notification is positioned at the right place, on the applet icon - it prevents crashing if DBus is not...
Mandriva Linux Security Advisory : dbus (MDVSA-2008:054)
A vulnerability was discovered by Havoc Pennington in how the dbus-daemon applied its security policy. A user with the ability to connect to the dbus-daemon could possibly execute certain method calls that they should not normally have access to. The updated packages have been patched to correct...
Fedora 10 : dbus-1.2.6-1.fc10 (2008-10733)
A system restart is required for this update to take effect. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Mandriva Linux Security Advisory : dbus (MDVSA-2008:213)
The D-Bus library did not correctly validate certain corrupted signatures which could cause a crash of applications linked against the D-Bus library if a local user were to send a specially crafted D-Bus request CVE-2008-3834. The updated packages have been patched to prevent this issue...
Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : dbus vulnerabilities (USN-653-1)
Havoc Pennington discovered that the D-Bus daemon did not correctly validate certain security policies. If a local user sent a specially crafted D-Bus request, they could bypass security policies that had a 'sendinterface' defined. CVE-2008-0595 It was discovered that the D-Bus library did not...
Ubuntu 6.06 LTS / 8.10 : network-manager vulnerability (USN-727-2)
USN-727-1 fixed vulnerabilities in network-manager-applet. This advisory provides the corresponding updates for NetworkManager. It was discovered that NetworkManager did not properly enforce permissions when responding to dbus requests. A local user could perform dbus queries to view system and...
Ubuntu 7.10 / 8.04 LTS / 8.10 : network-manager-applet vulnerabilities (USN-727-1)
It was discovered that network-manager-applet did not properly enforce permissions when responding to dbus requests. A local user could perform dbus queries to view other users' network connection passwords and pre-shared keys. CVE-2009-0365 It was discovered that network-manager-applet did not...
openSUSE 10 Security Update : bluez-audio (bluez-audio-6197)
The dbus package used a too permissive configuration. Therefore intended access control for some services was not applied CVE-2008-4311. The new configuration denies access by default. Some dbus services may break due to this setting and need an updated configuration as well. The previous bluez...
Wicd information leak
User can hijack DBus messages intended for Wicd server process...
GLSA-200904-12 : Wicd: Information disclosure
The remote host is affected by the vulnerability described in GLSA-200904-12 Wicd: Information disclosure Tiziano Mueller of Gentoo discovered that the DBus configuration file for Wicd allows arbitrary users to own the org.wicd.daemon object. Impact : A local attacker could exploit this...
Mandriva Update for dbus MDVA-2008:111 (dbus)
Check for the Version of dbus OpenVAS Vulnerability Test Mandriva Update for dbus MDVA-2008:111 dbus Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Mandriva Update for draksnapshot MDVA-2008:135 (draksnapshot)
Check for the Version of draksnapshot OpenVAS Vulnerability Test Mandriva Update for draksnapshot MDVA-2008:135 draksnapshot Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Mandriva Update for dbus MDVSA-2008:054 (dbus)
Check for the Version of dbus OpenVAS Vulnerability Test Mandriva Update for dbus MDVSA-2008:054 dbus Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Mandriva Update for dbus MDVSA-2008:054 (dbus)
Check for the Version of dbus OpenVAS Vulnerability Test Mandriva Update for dbus MDVSA-2008:054 dbus Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Mandriva Update for dbus MDVA-2008:111 (dbus)
Check for the Version of dbus OpenVAS Vulnerability Test Mandriva Update for dbus MDVA-2008:111 dbus Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
openSUSE 10 Security Update : bluez-cups (bluez-cups-6118)
The dbus package used a too permissive configuration. Therefore intended access control for some services was not applied CVE-2008-4311. The new configuration denies access by default. Some dbus services may break due to this setting and need an updated configuration as well. %NASLMINLEVEL 70300 ...
Ubuntu Update for dbus vulnerability USN-401-1
Ubuntu Update for Linux kernel vulnerabilities USN-401-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4011.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for dbus vulnerability USN-401-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...