The dbus-daemon in D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20, and 1.8.x before 1.8.4, sends an AccessDenied error to the service instead of a client when the client is prohibited from accessing the service, which allows local users to cause a denial of service (initialization failure and exit) or possibly conduct a side-channel attack via a D-Bus message to an inactive service.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:08
Type | Values Removed | Values Added |
---|---|---|
References | () http://advisories.mageia.org/MGASA-2014-0266.html - | |
References | () http://cgit.freedesktop.org/dbus/dbus/commit/?h=dbus-1.8&id=24c590703ca47eb71ddef453de43126b90954567 - Patch | |
References | () http://lists.opensuse.org/opensuse-updates/2014-06/msg00042.html - | |
References | () http://lists.opensuse.org/opensuse-updates/2014-07/msg00012.html - | |
References | () http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html - | |
References | () http://seclists.org/oss-sec/2014/q2/509 - Patch | |
References | () http://secunia.com/advisories/59428 - | |
References | () http://secunia.com/advisories/59611 - | |
References | () http://secunia.com/advisories/59798 - | |
References | () http://www.debian.org/security/2014/dsa-2971 - | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2015:176 - | |
References | () http://www.securityfocus.com/bid/67986 - | |
References | () https://bugs.freedesktop.org/show_bug.cgi?id=78979 - |
27 Dec 2023, 16:36
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:d-bus_project:d-bus:1.2.3:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.2.22:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.4.26:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.4.10:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.2.20:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.4.8:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.4.1:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.3.0:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.6.2:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.4.6:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.4.0:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.6.6:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.2.1:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.6.8:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.2.16:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.2.24:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.6.18:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.2.8:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.2.18:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.6.14:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.8.0:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.6.4:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.4.22:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.2.12:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.6.16:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.4.16:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.6.0:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.2.14:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.8.2:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.4.4:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.4.14:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.2.26:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.4.18:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.4.24:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.6.12:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.2.6:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.2.30:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.2.28:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.4.12:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.6.10:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.2.10:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.2.4:*:*:*:*:*:*:* cpe:2.3:a:d-bus_project:d-bus:1.3.1:*:*:*:*:*:*:* |
cpe:2.3:a:freedesktop:dbus:1.2.18:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.2.6:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.2.30:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.2.22:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.8.0:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.6.4:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.2.12:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.4.10:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.4.8:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.3.1:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.6.6:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.2.10:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.4.18:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.2.20:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.6.16:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.2.28:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.4.0:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.4.26:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.6.12:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.2.3:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.6.2:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.2.4:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.2.26:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.8.2:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.6.14:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.2.14:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.4.14:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.6.0:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.4.24:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.4.1:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.4.16:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.4.22:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.4.4:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.6.18:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.2.8:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.2.24:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.4.6:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.4.20:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.4.12:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.6.10:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.2.1:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.3.0:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.6.8:*:*:*:*:*:*:* cpe:2.3:a:freedesktop:dbus:1.2.16:*:*:*:*:*:*:* |
First Time |
Freedesktop dbus
Freedesktop |
Information
Published : 2014-07-01 17:55
Updated : 2024-11-21 02:08
NVD link : CVE-2014-3477
Mitre link : CVE-2014-3477
CVE.ORG link : CVE-2014-3477
JSON object : View
Products Affected
d-bus_project
- d-bus
freedesktop
- dbus
CWE