Solution
Please Install the Updated Packages.
Insight
A vulnerability was discovered by Havoc Pennington in how the dbus-daemon applied its security policy. A user with the ability to connect to the dbus-daemon could possibly execute certain method calls that they should not normally have access to.
The updated packages have been patched to correct these issues.
Users will have to reboot the system once these packages have been installed in order to prevent problems due to service dependencies on the messagebus service.
Affected
dbus on Mandriva Linux 2007.0,
Mandriva Linux 2007.0/X86_64,
Mandriva Linux 2007.1,
Mandriva Linux 2007.1/X86_64,
Mandriva Linux 2008.0,
Mandriva Linux 2008.0/X86_64
Severity
Classification
-
CVE CVE-2008-0595 -
CVSS Base Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities