Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3834

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2008-3834
Last Modified 05 May 2014 12:14:29
Published 07 Oct 2008 05:01:52
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-3834

Summary

The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error.

Vulnerable Systems

Application

  • Freedesktop Dbus 0.1

  • Freedesktop Dbus 0.10

  • Freedesktop Dbus 0.11

  • Freedesktop Dbus 0.12

  • Freedesktop Dbus 0.13

  • Freedesktop Dbus 0.2

  • Freedesktop Dbus 0.20

  • Freedesktop Dbus 0.21

  • Freedesktop Dbus 0.22

  • Freedesktop Dbus 0.23

  • Freedesktop Dbus 0.23.1

  • Freedesktop Dbus 0.23.2

  • Freedesktop Dbus 0.23.3

  • Freedesktop Dbus 0.3

  • Freedesktop Dbus 0.31

  • Freedesktop Dbus 0.32

  • Freedesktop Dbus 0.33

  • Freedesktop Dbus 0.34

  • Freedesktop Dbus 0.35

  • Freedesktop Dbus 0.35.1

  • Freedesktop Dbus 0.35.2

  • Freedesktop Dbus 0.36

  • Freedesktop Dbus 0.36.1

  • Freedesktop Dbus 0.36.2

  • Freedesktop Dbus 0.4

  • Freedesktop Dbus 0.5

  • Freedesktop Dbus 0.50

  • Freedesktop Dbus 0.6

  • Freedesktop Dbus 0.61

  • Freedesktop Dbus 0.62

  • Freedesktop Dbus 0.7

  • Freedesktop Dbus 0.8

  • Freedesktop Dbus 0.9

  • Freedesktop Dbus 0.90

  • Freedesktop Dbus 0.91

  • Freedesktop Dbus 0.92

  • Freedesktop Dbus 1.0.2

  • Freedesktop Dbus 1.1.1

  • Freedesktop Dbus 1.1.2

  • Freedesktop Dbus 1.1.4

  • Freedesktop Dbus1.0 Rc1

  • Freedesktop Dbus1.0 Rc2

  • Freedesktop Dbus1.0 Rc3

  • Freedesktop Dbus1.1.0


References

FEDORA - FEDORA-2008-8764

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3834

CONFIRM - https://bugs.freedesktop.org/show_bug.cgi?id=17803

XF - dbus-dbusvalidatesignaturewithreason-dos(45701)

VUPEN - ADV-2008-2762

UBUNTU - USN-653-1

SECTRACK - 1021063

BID - 31602

REDHAT - RHSA-2009:0008

MILW0RM - 7822

MANDRIVA - MDVSA-2008:213

CONFIRM - http://www.freedesktop.org/wiki/Software/dbus#head-dad0dab297a44f1d7a3b1259cfc06b583fd6a88a

DEBIAN - DSA-1658

SECUNIA - 33396

SECUNIA - 32385

SECUNIA - 32281

SECUNIA - 32230

SECUNIA - 32127

SUSE - SUSE-SR:2008:027

SUSE - openSUSE-SU-2012:1418

Related Patches

Novell SUSE 2008:5701 dbus-1 security update for SLE 10 i586


Last Updated: 27 May 2016 11:05:11