Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-8148

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2014-8148
Last Modified 05 Mar 2015 09:59:49
Published 26 Jan 2015 10:59:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2014-8148

Summary

The default D-Bus access control rule in Midgard2 10.05.7.1 allows local users to send arbitrary method calls or signals to any process on the system bus and possibly execute arbitrary code with root privileges.

Vulnerable Systems

Operating System

  • Novell Opensuse 13.1

  • Novell Opensuse 13.2

Application

  • Midgard-project Midgard2 10.05.7.1

  • Midgard-project Midguard2 10.05.7.1


References

MLIST - [oss-security] 20150105 CVE-2014-8148: midgard-core configures D-Bus system bus to be insecure

SUSE - openSUSE-SU-2015:0111

SUSE - openSUSE-SU-2015:0300


Last Updated: 27 May 2016 11:07:58