Mandriva Linux Security Advisory 2015-176 - Updated dbus packages fix multiple security vulnerabilities.
4be93103f6f354ef453a2dc02b3ccf964ab78327305a7f7671ec1fe2b6855df4Gentoo Linux Security Advisory 201412-12 - Multiple vulnerabilities have been found in D-Bus, possibly resulting in local Denial of Service. Versions less than 1.8.10 are affected.
ace5ab63b7a75f393ac56d393383f548a8b397f417ed2529a932894237c3b60fDebian Linux Security Advisory 3099-1 - Simon McVittie discovered that the fix for CVE-2014-3636 was incorrect, as it did not fully address the underlying denial-of-service vector. This update starts the D-Bus daemon as root initially, so that it can properly raise its file descriptor count.
b16d3d2ddbe47620229c22a1286fd9cd9b5f6f1382c46f6f464f040d0fb9cfd5Ubuntu Security Notice 2425-1 - It was discovered that DBus incorrectly handled a large number of file descriptor messages. A local attacker could use this issue to cause DBus to stop responding, resulting in a denial of service.
df98e002d16cc210ffd23af3c713e5b075ae7b6a0974979d6b56caca058a00f6Mandriva Linux Security Advisory 2014-214 - Alban Crequy and Simon McVittie discovered several vulnerabilities On 64-bit platforms, file descriptor passing could be abused by local users to cause heap corruption in dbus-daemon, leading to a crash, or potentially to arbitrary code execution.
f18c3638c62248de6d67a047b0c027faf904613ac8a45ce27c1d8bbe02610f6b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed