Download
| Alert*
|
oval:org.secpod.oval:def:51514
dbus: simple interprocess messaging system Several security issues were fixed in DBus. oval:org.secpod.oval:def:118362 D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. oval:org.secpod.oval:def:201985 D-Bus is a system for sending messages between applications. It is used for the system-wide message bus service and as a per-user-login-session messaging facility. A denial-of-service flaw was discovered in the system for sending messages between applications. A local user could send a message with ... oval:org.secpod.oval:def:1801455 dbus is installed oval:org.secpod.oval:def:203083 dbus is installed oval:org.secpod.oval:def:202115 D-Bus is a system for sending messages between applications. It is used for the system-wide message bus service and as a per-user-login-session messaging facility. A denial-of-service flaw was discovered in the system for sending messages between applications. A local user could send a message with ... oval:org.secpod.oval:def:66502 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix: * dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass For more details about the security issue, including the ... oval:org.secpod.oval:def:701704 dbus is installed oval:org.secpod.oval:def:503391 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix: * dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass For more details about the security issue, including the ... oval:org.secpod.oval:def:701007 dbus: simple interprocess messaging system DBus could be made to run programs as an administrator. oval:org.secpod.oval:def:701029 dbus: simple interprocess messaging system Details: USN-1576-1 fixed vulnerabilities in DBus. The update caused a regression for certain services launched from the activation helper, and caused an unclean shutdown on upgrade. This update fixes the problem. We apologize for the inconvenience. Origina ... oval:org.secpod.oval:def:111451 D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. oval:org.secpod.oval:def:111599 D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. oval:org.secpod.oval:def:202448 D-Bus is a system for sending messages between applications. It is used for the system-wide message bus service and as a per-user-login-session messaging facility. It was discovered that the D-Bus library honored environment settings even when running with elevated privileges. A local attacker could ... oval:org.secpod.oval:def:500567 D-Bus is a system for sending messages between applications. It is used for the system-wide message bus service and as a per-user-login-session messaging facility. A denial-of-service flaw was discovered in the system for sending messages between applications. A local user could send a message with ... oval:org.secpod.oval:def:201796 D-Bus is a system for sending messages between applications. It is used for the system-wide message bus service and as a per-user-login-session messaging facility. It was discovered that the Red Hat Security Advisory RHSA-2009:0008 did not correctly fix the denial of service flaw in the system for s ... oval:org.secpod.oval:def:201832 D-Bus is a system for sending messages between applications. It is used for the system-wide message bus service and as a per-user-login-session messaging facility. It was discovered that the Red Hat Security Advisory RHSA-2009:0008 did not correctly fix the denial of service flaw in the system for s ... oval:org.secpod.oval:def:1801477 dbus is the reference implementation of D-Bus, an asynchronous inter-process communication system commonly used for system services or within a desktop session on Linux and other operating systems. Joe Vennix of Apple Information Security discovered an implementation flaw in the DBUS_COOKIE_SHA1 aut ... oval:org.secpod.oval:def:116769 D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. oval:org.secpod.oval:def:1601027 dbus as used in DBusServer, allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a diffe ... oval:org.secpod.oval:def:1601263 It was discovered that the D-Bus library honored environment settings even when running with elevated privileges. A local attacker could possibly use this flaw to escalate their privileges, by setting specific environment variables before running a setuid or setgid application linked against the D-B ... oval:org.secpod.oval:def:500892 D-Bus is a system for sending messages between applications. It is used for the system-wide message bus service and as a per-user-login-session messaging facility. It was discovered that the D-Bus library honored environment settings even when running with elevated privileges. A local attacker could ... oval:org.secpod.oval:def:1503626 Updated dbus packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fro ... oval:org.secpod.oval:def:500422 D-Bus is a system for sending messages between applications. It is used for the system-wide message bus service and as a per-user-login-session messaging facility. It was discovered that the Red Hat Security Advisory RHSA-2009:0008 did not correctly fix the denial of service flaw in the system for s ... oval:org.secpod.oval:def:37871 dbus: simple interprocess messaging system Several security issues were fixed in DBus. oval:org.secpod.oval:def:705010 dbus: simple interprocess messaging system DBus could allow unintended access to services. oval:org.secpod.oval:def:603942 Joe Vennix discovered an authentication bypass vulnerability in dbus, an asynchronous inter-process communication system. The implementation of the DBUS_COOKIE_SHA1 authentication mechanism was susceptible to a symbolic link attack. A local attacker could take advantage of this flaw to bypass authen ... oval:org.secpod.oval:def:205621 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix: * dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass For more details about the security issue, including the ... oval:org.secpod.oval:def:55511 Joe Vennix discovered an authentication bypass vulnerability in dbus, an asynchronous inter-process communication system. The implementation of the DBUS_COOKIE_SHA1 authentication mechanism was susceptible to a symbolic link attack. A local attacker could take advantage of this flaw to bypass authen ... oval:org.secpod.oval:def:55529 dbus: simple interprocess messaging system DBus could allow unintended access to services. oval:org.secpod.oval:def:507901 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix: * dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered F ... oval:org.secpod.oval:def:507890 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix: * dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered F ... oval:org.secpod.oval:def:1506383 [1.12.20-7.0.1] - fix netlink poll: error 4 [1:1.12.20-7] - Fix CVE-2022-42010 - Fix CVE-2022-42011 - Fix CVE-2022-42012 oval:org.secpod.oval:def:88412 Evgeny Vereshchagin discovered multiple vulnerabilities in D-Bus, a simple interprocess messaging system, which may result in denial of service by an authenticated user. oval:org.secpod.oval:def:2500915 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. oval:org.secpod.oval:def:707788 dbus: simple interprocess messaging system Several security issues were fixed in DBus. oval:org.secpod.oval:def:5800016 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix: * dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets * dbus: d ... oval:org.secpod.oval:def:1506352 [1.12.8-23.0.1] - fix netlink poll: error 4 [1:1.12.8-23.1] - Fix CVE-2022-42010 - Fix CVE-2022-42011 - Fix CVE-2022-42012 oval:org.secpod.oval:def:124300 D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. oval:org.secpod.oval:def:4501180 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix: * dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets * dbus: d ... oval:org.secpod.oval:def:19500123 An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. An issue was discovered in D-Bus bef ... oval:org.secpod.oval:def:2600127 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. oval:org.secpod.oval:def:507490 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix: * dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets * dbus: d ... oval:org.secpod.oval:def:88621 dbus: simple interprocess messaging system Several security issues were fixed in DBus. oval:org.secpod.oval:def:2004218 An issue was discovered in dbus oval:org.secpod.oval:def:66562 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix: * dbus: denial of service via file descriptor leak For more details about the security issue, including the impact, ... oval:org.secpod.oval:def:80406 dbus: simple interprocess messaging system Details: USN-5244-1 fixed a vulnerability in DBus. This update provides the corresponding update for Linux Mint 19.x LTS and Linux Mint 20.x LTS. Original advisory DBus could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:705514 dbus: simple interprocess messaging system DBus could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:205591 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix: * dbus: denial of service via file descriptor leak For more details about the security issue, including the impact, ... oval:org.secpod.oval:def:108442 D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. oval:org.secpod.oval:def:601955 Simon McVittie discovered a local denial of service flaw in dbus, an asynchronous inter-process communication system. On systems with systemd-style service activation, dbus-daemon does not prevent forged ActivationFailure messages from non-root processes. A malicious local user could use this flaw t ... oval:org.secpod.oval:def:108398 D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. oval:org.secpod.oval:def:703336 dbus: simple interprocess messaging system Several security issues were fixed in DBus. oval:org.secpod.oval:def:52818 dbus: simple interprocess messaging system Several security issues were fixed in DBus. oval:org.secpod.oval:def:52352 dbus: simple interprocess messaging system DBus could be made to stop responding under certain conditions. oval:org.secpod.oval:def:52301 dbus: simple interprocess messaging system Several security issues were fixed in DBus. oval:org.secpod.oval:def:702212 dbus: simple interprocess messaging system Several security issues were fixed in DBus. oval:org.secpod.oval:def:108190 D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. oval:org.secpod.oval:def:601865 Simon McVittie discovered that the fix for CVE-2014-3636 was incorrect, as it did not fully address the underlying denial-of-service vector. This update starts the D-Bus daemon as root initially, so that it can properly raise its file descriptor count. In addition, this update reverts the auth_timeo ... oval:org.secpod.oval:def:601777 Alban Crequy and Simon McVittie discovered several vulnerabilities in the D-Bus message daemon. CVE-2014-3635 On 64-bit platforms, file descriptor passing could be abused by local users to cause heap corruption in the dbus-daemon crash, leading to a crash, or potentially to arbitrary code execution. ... oval:org.secpod.oval:def:108091 D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. oval:org.secpod.oval:def:108051 D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. oval:org.secpod.oval:def:702312 dbus: simple interprocess messaging system DBus could be made to stop responding under certain conditions. oval:org.secpod.oval:def:702103 dbus: simple interprocess messaging system Several security issues were fixed in DBus. oval:org.secpod.oval:def:601700 Several vulnerabilities have been discovered in dbus, an asynchronous inter-process communication system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2014-3477 Alban Crequy at Collabora Ltd. discovered that dbus-daemon sends an AccessDenied error to the se ... oval:org.secpod.oval:def:52252 dbus: simple interprocess messaging system Several security issues were fixed in DBus. oval:org.secpod.oval:def:21813 The host is installed with D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20 or 1.8.x before 1.8.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which sends an accessdenied error to the service instead of a client when the client is prohibited from accessing t ... oval:org.secpod.oval:def:107163 D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. oval:org.secpod.oval:def:1503231 Updated dbus packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availab ... oval:org.secpod.oval:def:200521 D-Bus is a system for sending messages between applications. It is used for the system-wide message bus service and as a per-user-login-session messaging facility. A denial of service flaw was discovered in the system for sending messages between applications. A local user could send a message with ... oval:org.secpod.oval:def:201456 D-Bus is a system for sending messages between applications. It is used for the system-wide message bus service and as a per-user-login-session messaging facility. A denial of service flaw was discovered in the system for sending messages between applications. A local user could send a message with ... oval:org.secpod.oval:def:1503485 Updated dbus packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availab ... oval:org.secpod.oval:def:500204 D-Bus is a system for sending messages between applications. It is used for the system-wide message bus service and as a per-user-login-session messaging facility. A denial of service flaw was found in the way the D-Bus library handled endianness conversion when receiving messages. A local user coul ... oval:org.secpod.oval:def:500214 D-Bus is a system for sending messages between applications. It is used for the system-wide message bus service and as a per-user-login-session messaging facility. A denial of service flaw was discovered in the system for sending messages between applications. A local user could send a message with ... oval:org.secpod.oval:def:201685 D-Bus is a system for sending messages between applications. It is used for the system-wide message bus service and as a per-user-login-session messaging facility. A denial of service flaw was found in the way the D-Bus library handled endianness conversion when receiving messages. A local user coul ... oval:org.secpod.oval:def:201673 D-Bus is a system for sending messages between applications. It is used for the system-wide message bus service and as a per-user-login-session messaging facility. A denial of service flaw was found in the way the D-Bus library handled endianness conversion when receiving messages. A local user coul ... oval:org.secpod.oval:def:601053 Alexandru Cornea discovered a vulnerability in libdbus caused by an implementation bug in _dbus_printf_string_upper_bound. This vulnerability can be exploited by a local user to crash system services that use libdbus, causing denial of service. Depending on the dbus services running, it could lead t ... oval:org.secpod.oval:def:19500272 D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon ca ... oval:org.secpod.oval:def:1702052 D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon ca ... |
