- Home
- CVEs with nessus.description==From+Red+Hat+Security+Advisory+2010%3A0018+%3A%0A%0AUpdated+dbus+packages+that+fix+a+security+issue+are+now+available+for+Red+Hat+Enterprise+Linux+5.%0A%0AThis+update+has+been+rated+as+having+moderate+security+impact+by+the+Red+Hat+Security+Response+Team.%0A%0AD-Bus+is+a+system+for+sending+messages+between+applications.+It+is+used+for+the+system-wide+message+bus+service+and+as+a+per-user-login-session+messaging+facility.%0A%0AIt+was+discovered+that+the+Red+Hat+Security+Advisory+RHSA-2009%3A0008+did+not+correctly+fix+the+denial+of+service+flaw+in+the+system+for+sending+messages+between+applications.+A+local+user+could+use+this+flaw+to+send+a+message+with+a+malformed+signature+to+the+bus%2C+causing+the+bus+%28and%2C+consequently%2C+any+process+using+libdbus+to+receive+messages%29+to+abort.+%28CVE-2009-1189%29%0A%0ANote%3A+Users+running+any+application+providing+services+over+the+system+message+bus+are+advised+to+test+this+update+carefully+before+deploying+it+in+production+environments.%0A%0AAll+users+are+advised+to+upgrade+to+these+updated+packages%2C+which+contain+a+backported+patch+to+correct+this+issue.+For+the+update+to+take+effect%2C+all+running+instances+of+dbus-daemon+and+all+running+applications+using+the+libdbus+library+must+be+restarted%2C+or+the+system+rebooted
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top