Denial of service vulnerability in D-Bus via a D-Bus message - CVE-2014-3477ID: oval:org.secpod.oval:def:21813 | Date: (C)2014-12-01 (M)2024-01-02 |
Class: VULNERABILITY | Family: unix |
The host is installed with D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20 or 1.8.x before 1.8.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which sends an accessdenied error to the service instead of a client when the client is prohibited from accessing the service. Successful exploitation allows local users to cause a denial of service (initialization failure and exit).
Platform: |
Red Hat Enterprise Linux 6 |
Red Hat Enterprise Linux 7 |
Red Hat Enterprise Linux 5 |