Lucene search
+L

2004 matches found

securityvulns
securityvulns
added 2008/02/29 12:0 a.m.59 views

[ MDVSA-2008:054 ] - Updated dbus packages fix vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2008:054 http://www.mandriva.com/security/ Package : dbus Date : February 28, 2008 Affected: 2007.0, 2007.1, 2008.0 Problem Description: A vulnerability was discovered by Havoc Pennington in how the dbus-daemon...

4.6CVSS6.2AI score0.00408EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2008/02/29 12:0 a.m.29 views

Fedora 7 : dbus-1.0.2-7.fc7 (2008-2043)

Wed Feb 27 2008 David Zeuthen - 1.0.2-7.fc7 - CVE-2008-0595 - Fri Jun 22 2007 Matthias Clasen - 1.0.2-6 - Don't require libxml-python needlessly 245300 - Sun Jun 17 2007 Matthias Clasen - 1.0.2-5 - Require pkgconfig in -devel, not in -x11 244385 Note that Tenable Network Security has extracted...

4.6CVSS6.8AI score0.00408EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2008/02/29 12:0 a.m.31 views

Fedora 8 : dbus-1.1.2-9.fc8 (2008-2070)

Wed Feb 27 2008 David Zeuthen - 1.1.2-9.fc8 - CVE-2008-0595 - Thu Oct 25 2007 Bill Nottingham - 1.1.2-8 - have -libs obsolete older versions of the main package so that yum upgrades work Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

4.6CVSS6.9AI score0.00408EPSS
Exploits2References3
Oracle linux
Oracle linux
added 2008/02/28 12:0 a.m.51 views

Moderate: dbus security update

1.0.0-6.3.el51 - CVE-2008-0595: D-Bus security policy circumvention - Resolves: 432437 1.0.0-6.el51 - CVE-2006-6107: D-Bus denial of service - Resolves: 219601...

4.6CVSS2.4AI score0.00408EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2008/02/28 12:0 a.m.38 views

RHEL 5 : dbus (RHSA-2008:0159)

Updated dbus packages that fix an issue with circumventing the security policy are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. D-Bus is a system for sending messages between applications. It is used both for the system-wide...

4.6CVSS6.9AI score0.00408EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2008/02/27 9:29 p.m.7 views

dbus security policy circumvention

dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes sendinterface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a method call with a NULL interface...

4.6CVSS7.1AI score0.00408EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2007/11/06 12:0 a.m.27 views

Fedora 7 : bind-9.4.1-4.fc7 (2007-0300)

236426 - improved zone-finding on server side rndc freeze works better 235809 - fixed race-condition in dbus code 241103 - fixed typo in bind-chroot-admin 239802 - start using deprecated LDAP API 239149 - handle dynamic zone updates CVE-2007-2241 Note that Tenable Network Security has extracted t...

7.1CVSS6.7AI score0.07614EPSS
Exploits0References2
securityvulns
securityvulns
added 2007/06/28 12:0 a.m.34 views

Avahi DBUS DoS

Empty TXT record causes daemon to crash...

2.1CVSS1.1AI score0.00404EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2007/02/09 12:0 a.m.33 views

CentOS 4 : dbus (CESA-2007:0008)

Updated dbus packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. D-BUS is a system for sending messages between applications. It is used both for the systemwide...

1.7CVSS6.7AI score0.00376EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2007/02/09 12:0 a.m.31 views

RHEL 4 : dbus (RHSA-2007:0008)

Updated dbus packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. D-BUS is a system for sending messages between applications. It is used both for the systemwide...

1.7CVSS6.7AI score0.00376EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2007/02/08 12:0 a.m.38 views

Moderate: dbus security update

0.22-12EL.8 - CVE-2006-6107: D-Bus denial of service - Resolves: 218055...

1.7CVSS5.8AI score0.00376EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/01/17 12:0 a.m.22 views

Fedora Core 6 : dbus-1.0.1-8.fc6 (2006-1475)

Kimmo Hamalainen reported a DoS flaw in D-Bus that can cause a local user to disable the the ability of another process to receive certain messages. This flaw does not contain any potential for arbitrary code execution. Note that Tenable Network Security has extracted the preceding description...

5.7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2006/12/16 12:0 a.m.33 views

FreeBSD : dbus -- match_rule_equal() Weakness (5b47b70d-8ba9-11db-81d5-00123ffe8333)

Secunia reports : D-Bus have a weakness, which can be exploited by malicious, local users to cause a DoS Denial of Service. An error within the 'matchruleequal' function can be exploited to disable the ability of other processes to receive messages by removing their matches from D-Bus...

1.7CVSS6.9AI score0.00376EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2006/07/05 12:0 a.m.20 views

CentOS 4 : dbus (CESA-2005:102)

Updated dbus packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. D-BUS is a system for sending messages between applications. It is used both for the systemwide message...

2.1CVSS5.3AI score0.00428EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2006/01/15 12:0 a.m.20 views

Ubuntu 4.10 : dbus vulnerability (USN-144-1)

Besides providing the global system-wide communication bus, dbus also offers per-user 'session' buses which applications in an user's session can create and use to communicate with each other. Daniel Reed discovered that the default configuration of the session dbus allowed a local user to connec...

2.1CVSS5.4AI score0.00428EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2005/09/17 12:0 a.m.26 views

Fedora Core 4 : dbus-0.33-3.fc4.1 (2005-822)

Mon Aug 29 2005 John J5 Palmieri - 0.33-3.fc4.1 - add patch from 0.2x series that fixes an exploit where users can attach to another user's session bus CVE-2005-0201 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...

2.1CVSS5.4AI score0.00428EPSS
Exploits0References1
CVE
CVE
added 2005/06/28 4:0 a.m.80 views

CVE-2005-0201

CVE-2005-0201 affects D-BUS (dbus) before 0.22, where insufficient socket access restriction allows a local user to listen to or send arbitrary messages on another user’s per-user session bus if the socket address is known. This is a local-privilege/confidentiality issue. Connected advisories ind...

2.1CVSS6.1AI score0.00428EPSS
Exploits0References11Affected Software1
Cvelist
Cvelist
added 2005/06/28 4:0 a.m.21 views

CVE-2005-0201

D-BUS dbus before 0.22 does not properly restrict access to a socket, if the socket address is known, which allows local users to listen or send arbitrary messages on another user's per-user session bus via that socket...

6AI score0.00428EPSS
Exploits0References11
Ubuntu
Ubuntu
added 2005/06/28 1:14 a.m.60 views

USN-144-1: dbus vulnerability

Besides providing the global system-wide communication bus, dbus also offers per-user "session" buses which applications in an user's session can create and use to communicate with each other. Daniel Reed discovered that the default configuration of the session dbus allowed a local user to connec...

2.1CVSS5.4AI score0.00428EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/06/25 12:0 a.m.20 views

Mandrake Linux Security Advisory : dbus (MDKSA-2005:105)

Dan Reed discovered a vulnerability in the D-BUS system for sending messages between applications. He found that a user can send and listen to messages on another user's per-user session bus if they knew the address of the socket. The updated packages have been patched to correct this problem...

2.1CVSS5.4AI score0.00428EPSS
Exploits0References1
Rows per page
Query Builder