ID CVE-2010-4352
Summary Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 allows local users to cause a denial of service (daemon crash) via a message containing many nested variants.
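The mechanism behind the summary, shown as an added example that is not libdbus code: a minimal walker over the D-Bus wire encoding of a variant (one byte of signature length, the signature bytes, a NUL, then the value aligned to its type). The validator in dbus-daemon before 1.4.1 recursed once per variant level with no bound on that recursion, so the sender of a message chose the number of stack frames the daemon would consume. Here `validate_unbounded` models that pre-fix behaviour and `validate_bounded` adds the missing depth check. Assumptions that are mine rather than the page's: the 64-level cap (the D-Bus specification caps container nesting at 64; the exact constant in the upstream fix is not stated on this page), the buffer being aligned at offset 0, and restricting the toy to variants wrapping an int32.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumption: cap on variant nesting used by the bounded validator below.
 * The D-Bus spec caps container nesting at 64; the constant used by the
 * 1.4.1 fix is not given on this page. */
#define MAX_VARIANT_DEPTH 64

/*
 * Walk one variant at buf[pos..]: [siglen][signature][NUL][value].
 * Only two contained types are modelled: 'v' (another variant, recurse)
 * and 'i' (int32, 4-byte aligned relative to buf[0]).
 * Returns bytes consumed, or -1 if truncated, malformed, or nested deeper
 * than max_depth (max_depth < 0 disables the check, as before the fix).
 */
static long walk_variant(const uint8_t *buf, size_t len, size_t pos,
                         int depth, int max_depth)
{
    if (max_depth >= 0 && depth > max_depth)
        return -1;                           /* the check the fix adds */
    if (pos >= len)
        return -1;
    uint8_t siglen = buf[pos];
    if (pos + 1 + (size_t)siglen + 1 > len)
        return -1;                           /* signature runs off the end */
    const char *sig = (const char *)buf + pos + 1;
    if (sig[siglen] != '\0')
        return -1;                           /* missing NUL terminator */
    size_t p = pos + 1 + siglen + 1;         /* start of the contained value */

    if (siglen == 1 && sig[0] == 'v') {
        /* One stack frame per nesting level: the sender controls the depth. */
        long used = walk_variant(buf, len, p, depth + 1, max_depth);
        return used < 0 ? -1 : (long)(p - pos) + used;
    }
    if (siglen == 1 && sig[0] == 'i') {
        size_t aligned = (p + 3) & ~(size_t)3;
        if (aligned + 4 > len)
            return -1;
        return (long)(aligned + 4 - pos);
    }
    return -1;                               /* type not modelled here */
}

/* Pre-fix behaviour: recursion depth is whatever the message says. */
int validate_unbounded(const uint8_t *buf, size_t len)
{
    return walk_variant(buf, len, 0, 1, -1) == (long)len;
}

/* Post-fix behaviour: refuse messages nested deeper than the cap. */
int validate_bounded(const uint8_t *buf, size_t len)
{
    return walk_variant(buf, len, 0, 1, MAX_VARIANT_DEPTH) == (long)len;
}

/*
 * Constructed test input: `levels` variants wrapped around one int32.
 * Wire bytes: (levels-1) x [01 'v' 00], then [01 'i' 00], padding, int32.
 * Returns the body length, or 0 if it does not fit in `cap` bytes.
 */
size_t build_nested_variants(uint8_t *out, size_t cap, int levels, int32_t value)
{
    size_t p = 0;
    if (levels < 1)
        return 0;
    for (int i = 0; i < levels - 1; i++) {
        if (p + 3 > cap) return 0;
        out[p++] = 1; out[p++] = 'v'; out[p++] = 0;
    }
    if (p + 3 > cap) return 0;
    out[p++] = 1; out[p++] = 'i'; out[p++] = 0;
    while (p % 4) {                          /* pad int32 to 4-byte alignment */
        if (p >= cap) return 0;
        out[p++] = 0;
    }
    if (p + 4 > cap) return 0;
    memcpy(out + p, &value, 4);              /* host endian; a real header carries the flag */
    return p + 4;
}

/* Build `levels` nested variants (optionally truncated by `cut` bytes) and
 * run the bounded or unbounded validator. Returns 1 if accepted, else 0. */
int nested_is_accepted(int levels, int bounded, size_t cut)
{
    static uint8_t body[4096];
    size_t n = build_nested_variants(body, sizeof body, levels, 42);
    if (n == 0 || cut > n)
        return 0;
    return bounded ? validate_bounded(body, n - cut)
                   : validate_unbounded(body, n - cut);
}

int main(void)
{
    printf("3 levels, bounded   : %d\n", nested_is_accepted(3, 1, 0));
    printf("64 levels, bounded  : %d\n", nested_is_accepted(64, 1, 0));
    printf("65 levels, bounded  : %d\n", nested_is_accepted(65, 1, 0));
    printf("65 levels, unbounded: %d\n", nested_is_accepted(65, 0, 0));
    printf("3 levels, truncated : %d\n", nested_is_accepted(3, 1, 2));
    return 0;
}
```

Each nesting level costs three bytes on the wire (`01 'v' 00`), so a body of a few megabytes requests around a million recursion levels, and without the cap each level costs the validator a stack frame: the stack is exhausted long before the message is. Do not point the unbounded walker at a large level count; that is the crash this entry describes. Note also that the RHSA text on this page says the abort hits any libdbus-using process that receives such a message, not only dbus-daemon, which is why the Red Hat advisory asks for all libdbus clients to be restarted after the update.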
References
Vulnerable Configurations
  • D-Bus Project D-Bus 1.4.0
    cpe:2.3:a:d-bus_project:d-bus:1.4.0
CVSS
Base: 2.1 (as of 11-07-2014 - 10:41), vector AV:L/AC:L/Au:N/C:N/I:N/A:P
Impact: 2.9
Exploitability: 3.9
CWE CWE-399
CAPEC
Access
  Vector: LOCAL
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: NONE
  Integrity: NONE
  Availability: PARTIAL
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2149.NASL
    description Remi Denis-Courmont discovered that dbus, a message bus application, is not properly limiting the nesting level when examining messages with extensive nested variants. This allows an attacker to crash the dbus system daemon due to a call stack overflow via crafted messages.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 51588
    published 2011-01-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51588
    title Debian DSA-2149-1 : dbus - denial of service
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_DBUS-1-110418.NASL
    description Local users could crash the D-Bus daemon by sending a specially crafted message (CVE-2010-4352). This update also properly fixes CVE-2008-3834 / CVE-2009-1189.
    last seen 2019-02-21
    modified 2013-10-25
    plugin id 53587
    published 2011-04-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53587
    title SuSE 11.1 Security Update : dbus (SAT Patch Number 4434)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1044-1.NASL
    description Remi Denis-Courmont discovered that D-Bus did not properly validate the number of nested variants when validating D-Bus messages. A local attacker could exploit this to cause a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 51572
    published 2011-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51572
    title Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : dbus vulnerability (USN-1044-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_DBUS-1-7482.NASL
    description Local users could crash the D-Bus daemon by sending a specially crafted message (CVE-2010-4352). This update also properly fixes CVE-2008-3834 / CVE-2009-1189.
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 57177
    published 2011-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57177
    title SuSE 10 Security Update : dbus (ZYPP Patch Number 7482)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_DBUS-1-110211.NASL
    description Local users could crash the D-Bus daemon by sending a specially crafted message. (CVE-2010-4352) Also RPM requirements were adjusted to make appliance installations work better.
    last seen 2019-02-21
    modified 2013-10-25
    plugin id 52066
    published 2011-02-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=52066
    title SuSE 11.1 Security Update : dbus (SAT Patch Number 3941)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_DBUS-1-7483.NASL
    description Local users could crash the D-Bus daemon by sending a specially crafted message (CVE-2010-4352). This update also properly fixes CVE-2008-3834 / CVE-2009-1189.
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 53590
    published 2011-04-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53590
    title SuSE 10 Security Update : dbus (ZYPP Patch Number 7483)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2012-750.NASL
    description 6 vulnerabilities were discovered for the dbus-1 and dbus-1-x11 packages in openSUSE versions 11.4, 12.1, and 12.2.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 74795
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74795
    title openSUSE Security Update : dbus-1 / dbus-1-x11 (openSUSE-SU-2012:1418-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2011-0376.NASL
    description Updated dbus packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. D-Bus is a system for sending messages between applications. It is used for the system-wide message bus service and as a per-user-login-session messaging facility. A denial of service flaw was discovered in the system for sending messages between applications. A local user could send a message with an excessive number of nested variants to the system-wide message bus, causing the message bus (and, consequently, any process using libdbus to receive messages) to abort. (CVE-2010-4352) All users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all running instances of dbus-daemon and all running applications using the libdbus library must be restarted, or the system rebooted.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 52764
    published 2011-03-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=52764
    title RHEL 5 / 6 : dbus (RHSA-2011:0376)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-19166.NASL
    description You need to reboot to apply this update. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 51378
    published 2010-12-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51378
    title Fedora 14 : dbus-1.4.0-2.fc14 (2010-19166)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201110-14.NASL
    description The remote host is affected by the vulnerability described in GLSA-201110-14 (D-Bus: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in D-Bus. Please review the CVE identifiers referenced below for details. Impact : The vulnerabilities allow for local Denial of Service (daemon crash), or arbitrary file overwriting. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 56589
    published 2011-10-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56589
    title GLSA-201110-14 : D-Bus: Multiple vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_3_DBUS-1-110426.NASL
    description Local users could crash the D-Bus daemon by sending a specially crafted message (CVE-2010-4352).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75460
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75460
    title openSUSE Security Update : dbus-1 (openSUSE-SU-2011:0401-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-19178.NASL
    description You need to reboot to apply this update. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 53395
    published 2011-04-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53395
    title Fedora 13 : dbus-1.2.24-2.fc13 (2010-19178)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2011-0376.NASL
    description From Red Hat Security Advisory 2011:0376 : Updated dbus packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. D-Bus is a system for sending messages between applications. It is used for the system-wide message bus service and as a per-user-login-session messaging facility. A denial of service flaw was discovered in the system for sending messages between applications. A local user could send a message with an excessive number of nested variants to the system-wide message bus, causing the message bus (and, consequently, any process using libdbus to receive messages) to abort. (CVE-2010-4352) All users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all running instances of dbus-daemon and all running applications using the libdbus library must be restarted, or the system rebooted.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68236
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68236
    title Oracle Linux 5 / 6 : dbus (ELSA-2011-0376)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_2_DBUS-1-110426.NASL
    description Local users could crash the D-Bus daemon by sending a specially crafted message (CVE-2010-4352).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 53704
    published 2011-05-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53704
    title openSUSE Security Update : dbus-1 (openSUSE-SU-2011:0401-1)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20110322_DBUS_ON_SL5_X.NASL
    description A denial of service flaw was discovered in the system for sending messages between applications. A local user could send a message with an excessive number of nested variants to the system-wide message bus, causing the message bus (and, consequently, any process using libdbus to receive messages) to abort. (CVE-2010-4352) For the update to take effect, all running instances of dbus-daemon and all running applications using the libdbus library must be restarted, or the system rebooted.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 60992
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60992
    title Scientific Linux Security Update : dbus on SL5.x, SL6.x i386/x86_64
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2011-0376.NASL
    description Updated dbus packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. D-Bus is a system for sending messages between applications. It is used for the system-wide message bus service and as a per-user-login-session messaging facility. A denial of service flaw was discovered in the system for sending messages between applications. A local user could send a message with an excessive number of nested variants to the system-wide message bus, causing the message bus (and, consequently, any process using libdbus to receive messages) to abort. (CVE-2010-4352) All users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all running instances of dbus-daemon and all running applications using the libdbus library must be restarted, or the system rebooted.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 53429
    published 2011-04-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53429
    title CentOS 5 : dbus (CESA-2011:0376)
redhat via4
advisories
bugzilla
id 663673
title CVE-2010-4352 D-BUS: Stack overflow by validating message with excessive number of nested variants
oval
OR
  • AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • OR
      • AND
        • comment dbus is earlier than 0:1.1.2-15.el5_6
          oval oval:com.redhat.rhsa:tst:20110376002
        • comment dbus is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080159003
      • AND
        • comment dbus-devel is earlier than 0:1.1.2-15.el5_6
          oval oval:com.redhat.rhsa:tst:20110376008
        • comment dbus-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080159007
      • AND
        • comment dbus-libs is earlier than 0:1.1.2-15.el5_6
          oval oval:com.redhat.rhsa:tst:20110376006
        • comment dbus-libs is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100018007
      • AND
        • comment dbus-x11 is earlier than 0:1.1.2-15.el5_6
          oval oval:com.redhat.rhsa:tst:20110376004
        • comment dbus-x11 is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080159005
  • AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    • OR
      • AND
        • comment dbus is earlier than 1:1.2.24-4.el6_0
          oval oval:com.redhat.rhsa:tst:20110376014
        • comment dbus is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110376015
      • AND
        • comment dbus-devel is earlier than 1:1.2.24-4.el6_0
          oval oval:com.redhat.rhsa:tst:20110376016
        • comment dbus-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110376017
      • AND
        • comment dbus-doc is earlier than 1:1.2.24-4.el6_0
          oval oval:com.redhat.rhsa:tst:20110376018
        • comment dbus-doc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110376019
      • AND
        • comment dbus-libs is earlier than 1:1.2.24-4.el6_0
          oval oval:com.redhat.rhsa:tst:20110376020
        • comment dbus-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110376021
      • AND
        • comment dbus-x11 is earlier than 1:1.2.24-4.el6_0
          oval oval:com.redhat.rhsa:tst:20110376022
        • comment dbus-x11 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110376023
rhsa
id RHSA-2011:0376
released 2011-03-22
severity Moderate
title RHSA-2011:0376: dbus security update (Moderate)
rpms
  • dbus-0:1.1.2-15.el5_6
  • dbus-devel-0:1.1.2-15.el5_6
  • dbus-libs-0:1.1.2-15.el5_6
  • dbus-x11-0:1.1.2-15.el5_6
  • dbus-1:1.2.24-4.el6_0
  • dbus-devel-1:1.2.24-4.el6_0
  • dbus-doc-1:1.2.24-4.el6_0
  • dbus-libs-1:1.2.24-4.el6_0
  • dbus-x11-1:1.2.24-4.el6_0
refmap via4
bid 45377
confirm
debian DSA-2149
fedora FEDORA-2010-19166
misc http://www.remlab.net/op/dbus-variant-recursion.shtml
mlist
  • [oss-security] 20101216 CVE Request -- D-BUS -- Stack frame overflow by validating message with excessive number of nested variants
  • [oss-security] 20101216 Re: CVE Request -- D-BUS -- Stack frame overflow by validating message with excessive number of nested variants
  • [oss-security] 20101221 Re: Re: CVE Request -- D-BUS -- Stack frame overflow by validating message with excessive number of nested variants
secunia
  • 42580
  • 42760
  • 42911
  • 42960
suse
  • SUSE-SR:2011:004
  • openSUSE-SU-2012:1418
ubuntu USN-1044-1
vupen
  • ADV-2010-3325
  • ADV-2011-0161
  • ADV-2011-0178
  • ADV-2011-0464
Last major update 07-12-2016 - 22:01
Published 30-12-2010 - 14:00