CVE-2014-8148

The default D-Bus access control rule in Midgard2 10.05.7.1 allows local users to send arbitrary method calls or signals to any process on the system bus and possibly execute arbitrary code with root privileges.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:midgard-project:midgard2:10.05.7.1:*:*:*:*:*:*:*

History

21 Nov 2024, 02:18

Type Values Removed Values Added
References () http://lists.opensuse.org/opensuse-updates/2015-01/msg00051.html - Third Party Advisory () http://lists.opensuse.org/opensuse-updates/2015-01/msg00051.html - Third Party Advisory
References () http://lists.opensuse.org/opensuse-updates/2015-02/msg00066.html - Third Party Advisory () http://lists.opensuse.org/opensuse-updates/2015-02/msg00066.html - Third Party Advisory
References () http://www.openwall.com/lists/oss-security/2015/01/05/2 - Mailing List, Third Party Advisory () http://www.openwall.com/lists/oss-security/2015/01/05/2 - Mailing List, Third Party Advisory

Information

Published : 2015-01-26 15:59

Updated : 2024-11-21 02:18


NVD link : CVE-2014-8148

Mitre link : CVE-2014-8148

CVE.ORG link : CVE-2014-8148


JSON object : View

Products Affected

midgard-project

  • midgard2

opensuse

  • opensuse
CWE
CWE-264

Permissions, Privileges, and Access Controls