Download
| Alert*
|
oval:org.secpod.oval:def:89003386
This update for dbus-1 fixes the following issues: Security issue fixed: - CVE-2019-12749: Fixed an implementation flaw in DBUS_COOKIE_SHA1 which could have allowed local attackers to bypass authentication . oval:org.secpod.oval:def:89003201 This update for dbus-1 fixes the following issue: Security issue fixed: - CVE-2019-12749: Fixed an implementation flaw in DBUS_COOKIE_SHA1 which could have allowed local attackers to bypass authentication . oval:org.secpod.oval:def:66502 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix: * dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass For more details about the security issue, including the ... oval:org.secpod.oval:def:89003336 This update for dbus-1 fixes the following issues: Security issue fixed: - CVE-2019-12749: Fixed an implementation flaw in DBUS_COOKIE_SHA1 which could have allowed local attackers to bypass authentication . oval:org.secpod.oval:def:503391 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix: * dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass For more details about the security issue, including the ... oval:org.secpod.oval:def:116769 D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. oval:org.secpod.oval:def:1801454 dbus is the reference implementation of D-Bus, an asynchronous inter-process communication system commonly used for system services or within a desktop session on Linux and other operating systems. Joe Vennix of Apple Information Security discovered an implementation flaw in the DBUS_COOKIE_SHA1 aut ... oval:org.secpod.oval:def:1801477 dbus is the reference implementation of D-Bus, an asynchronous inter-process communication system commonly used for system services or within a desktop session on Linux and other operating systems. Joe Vennix of Apple Information Security discovered an implementation flaw in the DBUS_COOKIE_SHA1 aut ... oval:org.secpod.oval:def:1801459 dbus is the reference implementation of D-Bus, an asynchronous inter-process communication system commonly used for system services or within a desktop session on Linux and other operating systems. Joe Vennix of Apple Information Security discovered an implementation flaw in the DBUS_COOKIE_SHA1 aut ... oval:org.secpod.oval:def:1601027 dbus as used in DBusServer, allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a diffe ... oval:org.secpod.oval:def:1801468 dbus is the reference implementation of D-Bus, an asynchronous inter-process communication system commonly used for system services or within a desktop session on Linux and other operating systems. Joe Vennix of Apple Information Security discovered an implementation flaw in the DBUS_COOKIE_SHA1 aut ... oval:org.secpod.oval:def:705010 dbus: simple interprocess messaging system DBus could allow unintended access to services. oval:org.secpod.oval:def:89000671 This update for dbus-1 fixes the following issues: - CVE-2019-12749: Fixed an implementation flaw in DBUS_COOKIE_SHA1 which could have allowed local attackers to bypass authentication . oval:org.secpod.oval:def:603942 Joe Vennix discovered an authentication bypass vulnerability in dbus, an asynchronous inter-process communication system. The implementation of the DBUS_COOKIE_SHA1 authentication mechanism was susceptible to a symbolic link attack. A local attacker could take advantage of this flaw to bypass authen ... oval:org.secpod.oval:def:55511 Joe Vennix discovered an authentication bypass vulnerability in dbus, an asynchronous inter-process communication system. The implementation of the DBUS_COOKIE_SHA1 authentication mechanism was susceptible to a symbolic link attack. A local attacker could take advantage of this flaw to bypass authen ... oval:org.secpod.oval:def:1502563 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:205621 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix: * dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass For more details about the security issue, including the ... oval:org.secpod.oval:def:205230 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix: * dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass For more details about the security issue, including the ... oval:org.secpod.oval:def:503175 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix: * dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass For more details about the security issue, including the ... oval:org.secpod.oval:def:2105288 dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus ... oval:org.secpod.oval:def:1504374 [1.12.8-9.0.1] - fix netlink poll: error 4 [1:1.12.8-9] - Ensure that patches are applied [1:1.12.8-8] - Fix CVE-2019-12749 oval:org.secpod.oval:def:1504252 [1:1.10.24-15.0.1] - fix netlink poll: error 4 [1:1.10.24-15] - Fix CVE-2020-12049 oval:org.secpod.oval:def:504329 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix: * dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass For more details about the security issue, including the ... oval:org.secpod.oval:def:55529 dbus: simple interprocess messaging system DBus could allow unintended access to services. oval:org.secpod.oval:def:1701056 A flaw was found in dbus. The implementation of DBUS_COOKIE_SHA1 is susceptible to a symbolic link attack. A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause the DBusServer to read and write in unintended locations resulting in an auth ... |
