[USN-1176-1] DBus vulnerability

Type securityvulns
Reporter Securityvulns
Modified 2011-08-01T00:00:00


========================================================================== Ubuntu Security Notice USN-1176-1 July 26, 2011

dbus vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 11.04
  • Ubuntu 10.10
  • Ubuntu 10.04 LTS
  • Ubuntu 8.04 LTS


DBus could be made to crash if it processed a specially crafted message.

Software Description: - dbus: simple interprocess messaging system


It was discovered that DBus did not properly validate the byte order of messages under certain circumstances. An attacker could exploit this to cause a denial of service via application crash or potentially obtain access to sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 11.04: dbus 1.4.6-1ubuntu6.1

Ubuntu 10.10: dbus 1.4.0-0ubuntu1.3

Ubuntu 10.04 LTS: dbus 1.2.16-2ubuntu4.3

Ubuntu 8.04 LTS: dbus 1.1.20-1ubuntu3.5

After a standard system update you need to reboot your computer to make all the necessary changes.

References: http://www.ubuntu.com/usn/usn-1176-1 CVE-2011-2200

Package Information: https://launchpad.net/ubuntu/+source/dbus/1.4.6-1ubuntu6.1 https://launchpad.net/ubuntu/+source/dbus/1.4.0-0ubuntu1.3 https://launchpad.net/ubuntu/+source/dbus/1.2.16-2ubuntu4.3 https://launchpad.net/ubuntu/+source/dbus/1.1.20-1ubuntu3.5