MiracleLinux 4 : dbus-1.2.24-7.AXS4 (AXSA:2012-954:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-954:01 advisory. D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messagin...

An issue was discovered in D-Bus before 1.12.24 1.13.x and 1.14.x before 1.14.4 and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format.

...

UBUNTU-CVE-2014-3637

D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 does not properly close connections for processes that have terminated, which allows local users to cause a denial of service via a D-bus message containing a D-Bus connection file descriptor...