CVE-2014-3477

The dbus-daemon in D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20, and 1.8.x before 1.8.4, sends an AccessDenied error to the service instead of a client when the client is prohibited from accessing the service, which allows local users to cause a denial of service (initialization failure and exit) or possibly conduct a side-channel attack via a D-Bus message to an inactive service.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:d-bus_project:d-bus:1.2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.2.4.6:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.8:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.10:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.12:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.14:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.16:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.18:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.20:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.22:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.24:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.26:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.28:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.30:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.8:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.10:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.12:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.14:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.16:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.18:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.20:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.22:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.24:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.26:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.6.2:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.6.4:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.6.6:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.6.8:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.6.10:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.6.12:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.6.14:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.6.16:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.6.18:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.8.2:*:*:*:*:*:*:*

History

21 Nov 2024, 02:08

Type Values Removed Values Added
References () http://advisories.mageia.org/MGASA-2014-0266.html - () http://advisories.mageia.org/MGASA-2014-0266.html -
References () http://cgit.freedesktop.org/dbus/dbus/commit/?h=dbus-1.8&id=24c590703ca47eb71ddef453de43126b90954567 - Patch () http://cgit.freedesktop.org/dbus/dbus/commit/?h=dbus-1.8&id=24c590703ca47eb71ddef453de43126b90954567 - Patch
References () http://lists.opensuse.org/opensuse-updates/2014-06/msg00042.html - () http://lists.opensuse.org/opensuse-updates/2014-06/msg00042.html -
References () http://lists.opensuse.org/opensuse-updates/2014-07/msg00012.html - () http://lists.opensuse.org/opensuse-updates/2014-07/msg00012.html -
References () http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html - () http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html -
References () http://seclists.org/oss-sec/2014/q2/509 - Patch () http://seclists.org/oss-sec/2014/q2/509 - Patch
References () http://secunia.com/advisories/59428 - () http://secunia.com/advisories/59428 -
References () http://secunia.com/advisories/59611 - () http://secunia.com/advisories/59611 -
References () http://secunia.com/advisories/59798 - () http://secunia.com/advisories/59798 -
References () http://www.debian.org/security/2014/dsa-2971 - () http://www.debian.org/security/2014/dsa-2971 -
References () http://www.mandriva.com/security/advisories?name=MDVSA-2015:176 - () http://www.mandriva.com/security/advisories?name=MDVSA-2015:176 -
References () http://www.securityfocus.com/bid/67986 - () http://www.securityfocus.com/bid/67986 -
References () https://bugs.freedesktop.org/show_bug.cgi?id=78979 - () https://bugs.freedesktop.org/show_bug.cgi?id=78979 -

27 Dec 2023, 16:36

Type Values Removed Values Added
CPE cpe:2.3:a:d-bus_project:d-bus:1.4.20:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.2.22:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.4.26:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.4.10:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.2.20:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.4.8:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.6.2:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.6.6:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.6.8:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.2.16:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.2.24:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.6.18:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.2.8:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.2.18:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.6.14:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.6.4:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.4.22:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.2.12:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.6.16:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.4.16:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.2.14:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.8.2:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.4.14:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.2.26:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.4.18:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.4.24:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.6.12:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.2.30:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.2.28:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.4.12:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.6.10:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.2.10:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.18:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.30:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.22:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.6.4:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.12:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.10:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.8:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.6.6:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.10:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.18:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.20:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.6.16:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.28:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.26:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.6.12:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.6.2:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.26:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.8.2:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.6.14:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.14:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.14:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.24:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.16:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.22:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.6.18:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.8:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.24:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.20:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.4.12:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.6.10:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.6.8:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.2.16:*:*:*:*:*:*:*
First Time Freedesktop dbus
Freedesktop

Information

Published : 2014-07-01 17:55

Updated : 2024-11-21 02:08


NVD link : CVE-2014-3477

Mitre link : CVE-2014-3477

CVE.ORG link : CVE-2014-3477


JSON object : View

Products Affected

d-bus_project

  • d-bus

freedesktop

  • dbus