DBus vulnerability

2019-06-1100:00:00

ubuntu.com

136

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

7.3 High

AI Score

Confidence

High

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

0.0005 Low

EPSS

Percentile

16.2%

JSON

Releases

Ubuntu 19.04
Ubuntu 18.10
Ubuntu 18.04 ESM
Ubuntu 16.04 ESM

Packages

dbus - simple interprocess messaging system

Details

Joe Vennix discovered that DBus incorrectly handled DBUS_COOKIE_SHA1
authentication. A local attacker could possibly use this issue to bypass
authentication and connect to DBus servers with elevated privileges.

OSVersionArchitecturePackageVersionFilename
Ubuntu19.04noarchdbus< 1.12.12-1ubuntu1.1UNKNOWN
Ubuntu19.04noarchdbus-1-doc< 1.12.12-1ubuntu1.1UNKNOWN
Ubuntu19.04noarchdbus-dbgsym< 1.12.12-1ubuntu1.1UNKNOWN
Ubuntu19.04noarchdbus-tests< 1.12.12-1ubuntu1.1UNKNOWN
Ubuntu19.04noarchdbus-tests-dbgsym< 1.12.12-1ubuntu1.1UNKNOWN
Ubuntu19.04noarchdbus-udeb< 1.12.12-1ubuntu1.1UNKNOWN
Ubuntu19.04noarchdbus-user-session< 1.12.12-1ubuntu1.1UNKNOWN
Ubuntu19.04noarchdbus-x11< 1.12.12-1ubuntu1.1UNKNOWN
Ubuntu19.04noarchdbus-x11-dbgsym< 1.12.12-1ubuntu1.1UNKNOWN
Ubuntu19.04noarchlibdbus-1-3< 1.12.12-1ubuntu1.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	19.04	noarch	dbus	< 1.12.12-1ubuntu1.1	UNKNOWN
Ubuntu	19.04	noarch	dbus-1-doc	< 1.12.12-1ubuntu1.1	UNKNOWN
Ubuntu	19.04	noarch	dbus-dbgsym	< 1.12.12-1ubuntu1.1	UNKNOWN
Ubuntu	19.04	noarch	dbus-tests	< 1.12.12-1ubuntu1.1	UNKNOWN
Ubuntu	19.04	noarch	dbus-tests-dbgsym	< 1.12.12-1ubuntu1.1	UNKNOWN
Ubuntu	19.04	noarch	dbus-udeb	< 1.12.12-1ubuntu1.1	UNKNOWN
Ubuntu	19.04	noarch	dbus-user-session	< 1.12.12-1ubuntu1.1	UNKNOWN
Ubuntu	19.04	noarch	dbus-x11	< 1.12.12-1ubuntu1.1	UNKNOWN
Ubuntu	19.04	noarch	dbus-x11-dbgsym	< 1.12.12-1ubuntu1.1	UNKNOWN
Ubuntu	19.04	noarch	libdbus-1-3	< 1.12.12-1ubuntu1.1	UNKNOWN