Ubuntu USN-799-1 (dbus) Network Vulnerability

Summary

The remote host is missing an update to dbus announced via advisory USN-799-1.

Solution

The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libdbus-1-2 0.60-6ubuntu8.4 Ubuntu 8.04 LTS: libdbus-1-3 1.1.20-1ubuntu3.3 Ubuntu 8.10: libdbus-1-3 1.2.4-0ubuntu1.1 Ubuntu 9.04: libdbus-1-3 1.2.12-0ubuntu2.1 After a standard system upgrade you need to reboot your computer to effect the necessary changes. https://secure1.securityspace.com/smysecure/catid.html?in=USN-799-1

Insight

It was discovered that the D-Bus library did not correctly validate signatures. If a local user sent a specially crafted D-Bus key, they could spoof a valid signature and bypass security policies.

Severity

Classification

CVE

CVE-2008-0196, CVE-2008-2327, CVE-2009-0034, CVE-2009-0037, CVE-2009-0040, CVE-2009-0352, CVE-2009-0353, CVE-2009-0652, CVE-2009-0771, CVE-2009-0772, CVE-2009-0773, CVE-2009-0774, CVE-2009-0776, CVE-2009-0858, CVE-2009-1185, CVE-2009-1189, CVE-2009-1302, CVE-2009-1303, CVE-2009-1307, CVE-2009-1392, CVE-2009-1422, CVE-2009-1423, CVE-2009-1424, CVE-2009-1425, CVE-2009-1832, CVE-2009-1836, CVE-2009-1838, CVE-2009-1841, CVE-2009-1890, CVE-2009-1891, CVE-2009-1959, CVE-2009-2285, CVE-2009-2295, CVE-2009-2334, CVE-2009-2335, CVE-2009-2336, CVE-2009-2347, CVE-2009-2360

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Take action and discover your vulnerabilities