Debian Security Advisory DSA 1658-1 (dbus) Network Vulnerability

Summary

The remote host is missing an update to dbus announced via advisory DSA 1658-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201658-1

Insight

Colin Walters discovered that the dbus_signature_validate function in dbus, a simple interprocess messaging system, is prone to a denial of service attack. For the stable distribution (etch), this problem has been fixed in version 1.0.2-1+etch2. For the testing distribution (lenny) and unstable distribution (sid) this problem will be fixed soon. We recommend that you upgrade your dbus package.

Severity

Classification

CVE CVE-2008-3834

CVSS	Base Score: 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1040-1 (gdm)
Debian Security Advisory DSA 2627-1 (nginx - information leak)
Debian Security Advisory DSA 1060-1 (kernel-patch-vserver)
Debian Security Advisory DSA 202-1 (im)
Debian Security Advisory DSA 1130-1 (sitebar)

Take action and discover your vulnerabilities