Summary
The remote host is missing an update to dbus
announced via advisory USN-799-1.
Solution
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS:
libdbus-1-2 0.60-6ubuntu8.4
Ubuntu 8.04 LTS:
libdbus-1-3 1.1.20-1ubuntu3.3
Ubuntu 8.10:
libdbus-1-3 1.2.4-0ubuntu1.1
Ubuntu 9.04:
libdbus-1-3 1.2.12-0ubuntu2.1
After a standard system upgrade you need to reboot your computer to effect the necessary changes.
https://secure1.securityspace.com/smysecure/catid.html?in=USN-799-1
Insight
It was discovered that the D-Bus library did not correctly validate signatures. If a local user sent a specially crafted D-Bus key, they could spoof a valid signature and bypass security policies.
Severity
Classification
-
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities