Vulnerability-Lookup - Search a vulnerability

Vulnerabilites related to freedesktop - dbus1.0

Vulnerability from fkie_nvd

Published

2008-10-07 21:01

Modified

2024-11-21 00:50

Severity ?

Summary

The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error.

References

URL	Tags
secalert@redhat.com	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html
secalert@redhat.com	http://secunia.com/advisories/32127	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/32230
secalert@redhat.com	http://secunia.com/advisories/32281
secalert@redhat.com	http://secunia.com/advisories/32385
secalert@redhat.com	http://secunia.com/advisories/33396
secalert@redhat.com	http://www.debian.org/security/2008/dsa-1658
secalert@redhat.com	http://www.freedesktop.org/wiki/Software/dbus#head-dad0dab297a44f1d7a3b1259cfc06b583fd6a88a
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDVSA-2008:213
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2009-0008.html
secalert@redhat.com	http://www.securityfocus.com/bid/31602
secalert@redhat.com	http://www.securitytracker.com/id?1021063
secalert@redhat.com	http://www.ubuntu.com/usn/usn-653-1
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/2762
secalert@redhat.com	https://bugs.freedesktop.org/show_bug.cgi?id=17803
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3834
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/45701
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10253
secalert@redhat.com	https://www.exploit-db.com/exploits/7822
secalert@redhat.com	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00298.html
af854a3a-2127-422b-91ae-364da2661108	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/32127	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/32230
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/32281
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/32385
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/33396
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1658
af854a3a-2127-422b-91ae-364da2661108	http://www.freedesktop.org/wiki/Software/dbus#head-dad0dab297a44f1d7a3b1259cfc06b583fd6a88a
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:213
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2009-0008.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/31602
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1021063
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-653-1
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/2762
af854a3a-2127-422b-91ae-364da2661108	https://bugs.freedesktop.org/show_bug.cgi?id=17803
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3834
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/45701
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10253
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/7822
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00298.html

Impacted products

Vendor	Product	Version
freedesktop	dbus	*
freedesktop	dbus	0.1
freedesktop	dbus	0.2
freedesktop	dbus	0.3
freedesktop	dbus	0.4
freedesktop	dbus	0.5
freedesktop	dbus	0.6
freedesktop	dbus	0.7
freedesktop	dbus	0.8
freedesktop	dbus	0.9
freedesktop	dbus	0.10
freedesktop	dbus	0.11
freedesktop	dbus	0.12
freedesktop	dbus	0.13
freedesktop	dbus	0.20
freedesktop	dbus	0.21
freedesktop	dbus	0.22
freedesktop	dbus	0.23
freedesktop	dbus	0.23.1
freedesktop	dbus	0.23.2
freedesktop	dbus	0.23.3
freedesktop	dbus	0.31
freedesktop	dbus	0.32
freedesktop	dbus	0.33
freedesktop	dbus	0.34
freedesktop	dbus	0.35
freedesktop	dbus	0.35.1
freedesktop	dbus	0.35.2
freedesktop	dbus	0.36
freedesktop	dbus	0.36.1
freedesktop	dbus	0.36.2
freedesktop	dbus	0.50
freedesktop	dbus	0.61
freedesktop	dbus	0.62
freedesktop	dbus	0.90
freedesktop	dbus	0.91
freedesktop	dbus	0.92
freedesktop	dbus	1.0.2
freedesktop	dbus	1.1.1
freedesktop	dbus	1.1.2
freedesktop	dbus1.0	rc1
freedesktop	dbus1.0	rc2
freedesktop	dbus1.0	rc3
freedesktop	dbus1.1.0	*

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F812F6E2-0AFD-43E7-B41B-E42A40F7B9B1",
                     versionEndIncluding: "1.1.4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A2945FB-BDB8-49B7-BA9A-2BB390345FED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "0FE08E05-948A-4A9C-BA91-B2935355D3CB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "CB0A3D5A-8823-4365-83B9-1E370C131F3E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "E6262F9B-30B5-4A7E-AC49-B9221B06CA4A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2F4A579-8F26-47CF-9AE0-41334A9751AD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "E12E1141-5FE4-43BF-B3A0-DC45C593F880",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "B04817C0-14A2-4B75-8747-691D48E70BAC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "09C8C79E-AE58-48AE-89DB-E84637543783",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.9:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED4ECF06-79CC-4142-BE6A-AF4E1E981543",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.10:*:*:*:*:*:*:*",
                     matchCriteriaId: "A87CC329-AF59-4882-82E1-851C4E0BB0B0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.11:*:*:*:*:*:*:*",
                     matchCriteriaId: "9BDA4ACC-9166-491C-A8D4-A5418F3B0965",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.12:*:*:*:*:*:*:*",
                     matchCriteriaId: "084A8212-B0FC-41BA-9532-080E8F92B949",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.13:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EB88CDF-0C71-4FE7-9210-C43EBE806416",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.20:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D84E94E-18EB-4276-AF55-2FB9850B08CF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.21:*:*:*:*:*:*:*",
                     matchCriteriaId: "0C6D0AAC-7F4B-48FF-9ACB-8C8844BDD722",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.22:*:*:*:*:*:*:*",
                     matchCriteriaId: "5FD40B16-FF56-4C23-B8A9-D79433713F35",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.23:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5A81FE8-37A0-46CE-AAA4-F00CF4122C71",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.23.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "D8815B87-7910-4E41-AB28-AEAD9F53475A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.23.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "DCEF7E9B-3F19-48CF-862B-B5935824A4C7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.23.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "1FB32F7B-8616-40F5-8D94-4FC97F6AD958",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.31:*:*:*:*:*:*:*",
                     matchCriteriaId: "4EC42FAD-C541-4D91-BDF6-62AA1C894B42",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.32:*:*:*:*:*:*:*",
                     matchCriteriaId: "FAECF21B-68AF-47D8-9540-BB0001087881",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.33:*:*:*:*:*:*:*",
                     matchCriteriaId: "30D0DE09-5F83-423B-AD86-033005D35994",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.34:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6618ACC-B506-4A92-BE4F-346FAC29D24F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.35:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB406736-7185-4E0A-ACC6-4F79AB312FA7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.35.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "18867CA7-E4AE-4312-A6E8-0CC514FCF063",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.35.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C443F3D-5BD0-4E89-99F1-1BC0798666F9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.36:*:*:*:*:*:*:*",
                     matchCriteriaId: "2DA75AB4-4ADF-4E42-8840-B044DC4D9FFE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.36.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "D809A431-7BA6-4C9F-8644-33A14389B289",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.36.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "732CD552-3E19-4389-B426-77D5B473866F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.50:*:*:*:*:*:*:*",
                     matchCriteriaId: "1702AE33-38F4-40C5-B448-C863A7E95553",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.61:*:*:*:*:*:*:*",
                     matchCriteriaId: "2392266A-BE81-4494-81C3-942ED56B0558",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.62:*:*:*:*:*:*:*",
                     matchCriteriaId: "BCCA6868-E09D-4616-A9A8-EF63F20C981D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.90:*:*:*:*:*:*:*",
                     matchCriteriaId: "60B6DA02-F08B-4ACE-8F93-F869467BC628",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.91:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B4E7E9B-722E-4EE1-A435-906DE07BEB2B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:0.92:*:*:*:*:*:*:*",
                     matchCriteriaId: "BEF4902A-5598-42B7-8BB0-E9F8AB645D59",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:1.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8671706-FC4E-4485-945C-C397C80D859E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:1.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA34903A-9D38-46FF-B702-D6BEECA96031",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus:1.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "39753912-8A2D-49B0-B90B-43DAF723B34A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus1.0:rc1:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD645A12-104C-492E-88DF-564F5243908C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus1.0:rc2:*:*:*:*:*:*:*",
                     matchCriteriaId: "C8155853-ABF6-44D0-AC28-F57A3F31674A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus1.0:rc3:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C7B4067-5BE5-49AE-8118-9E5D0A09BBA1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:freedesktop:dbus1.1.0:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B10EE142-34F2-4BF3-A51A-5A6741F6C2E2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error.",
      },
      {
         lang: "es",
         value: "La función dbus_signature_validat en la librería D-bus (libdbus), versiones anteriores a 1.2.4, permite a los atacantes remotos causar una denegación de servicios (aplicación suspendida) a través de un mensaje que contiene una firma mal formada, el cual lanza un error assertion.",
      },
   ],
   id: "CVE-2008-3834",
   lastModified: "2024-11-21T00:50:13.770",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "LOW",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 2.1,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2008-10-07T21:01:52.150",
   references: [
      {
         source: "secalert@redhat.com",
         url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
      },
      {
         source: "secalert@redhat.com",
         url: "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/32127",
      },
      {
         source: "secalert@redhat.com",
         url: "http://secunia.com/advisories/32230",
      },
      {
         source: "secalert@redhat.com",
         url: "http://secunia.com/advisories/32281",
      },
      {
         source: "secalert@redhat.com",
         url: "http://secunia.com/advisories/32385",
      },
      {
         source: "secalert@redhat.com",
         url: "http://secunia.com/advisories/33396",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.debian.org/security/2008/dsa-1658",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.freedesktop.org/wiki/Software/dbus#head-dad0dab297a44f1d7a3b1259cfc06b583fd6a88a",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:213",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.redhat.com/support/errata/RHSA-2009-0008.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.securityfocus.com/bid/31602",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.securitytracker.com/id?1021063",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.ubuntu.com/usn/usn-653-1",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.vupen.com/english/advisories/2008/2762",
      },
      {
         source: "secalert@redhat.com",
         url: "https://bugs.freedesktop.org/show_bug.cgi?id=17803",
      },
      {
         source: "secalert@redhat.com",
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3834",
      },
      {
         source: "secalert@redhat.com",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45701",
      },
      {
         source: "secalert@redhat.com",
         url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10253",
      },
      {
         source: "secalert@redhat.com",
         url: "https://www.exploit-db.com/exploits/7822",
      },
      {
         source: "secalert@redhat.com",
         url: "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00298.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/32127",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/32230",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/32281",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/32385",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/33396",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.debian.org/security/2008/dsa-1658",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.freedesktop.org/wiki/Software/dbus#head-dad0dab297a44f1d7a3b1259cfc06b583fd6a88a",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:213",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.redhat.com/support/errata/RHSA-2009-0008.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/31602",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securitytracker.com/id?1021063",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.ubuntu.com/usn/usn-653-1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.vupen.com/english/advisories/2008/2762",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://bugs.freedesktop.org/show_bug.cgi?id=17803",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3834",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45701",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10253",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://www.exploit-db.com/exploits/7822",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00298.html",
      },
   ],
   sourceIdentifier: "secalert@redhat.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

cve-2008-3834

Vulnerability from cvelistv5

Published

2008-10-07 19:00

Modified

2024-08-07 09:53

Severity ?

Summary

References

▼	URL	Tags
	http://www.mandriva.com/security/advisories?name=MDVSA-2008:213	vendor-advisory, x_refsource_MANDRIVA
	http://www.debian.org/security/2008/dsa-1658	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/31602	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html	vendor-advisory, x_refsource_SUSE
	https://bugs.freedesktop.org/show_bug.cgi?id=17803	x_refsource_CONFIRM
	http://www.securitytracker.com/id?1021063	vdb-entry, x_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilities/45701	vdb-entry, x_refsource_XF
	https://www.exploit-db.com/exploits/7822	exploit, x_refsource_EXPLOIT-DB
	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3834	x_refsource_CONFIRM
	http://secunia.com/advisories/32385	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/32281	third-party-advisory, x_refsource_SECUNIA
	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00298.html	vendor-advisory, x_refsource_FEDORA
	http://www.freedesktop.org/wiki/Software/dbus#head-dad0dab297a44f1d7a3b1259cfc06b583fd6a88a	x_refsource_CONFIRM
	http://secunia.com/advisories/32230	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10253	vdb-entry, signature, x_refsource_OVAL
	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2008/2762	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/33396	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/32127	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2009-0008.html	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/usn-653-1	vendor-advisory, x_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T09:53:00.382Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "MDVSA-2008:213",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MANDRIVA",
                     "x_transferred",
                  ],
                  url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:213",
               },
               {
                  name: "DSA-1658",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2008/dsa-1658",
               },
               {
                  name: "31602",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/31602",
               },
               {
                  name: "openSUSE-SU-2012:1418",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugs.freedesktop.org/show_bug.cgi?id=17803",
               },
               {
                  name: "1021063",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id?1021063",
               },
               {
                  name: "dbus-dbusvalidatesignaturewithreason-dos(45701)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45701",
               },
               {
                  name: "7822",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/7822",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3834",
               },
               {
                  name: "32385",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/32385",
               },
               {
                  name: "SUSE-SR:2008:027",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html",
               },
               {
                  name: "32281",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/32281",
               },
               {
                  name: "FEDORA-2008-8764",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00298.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.freedesktop.org/wiki/Software/dbus#head-dad0dab297a44f1d7a3b1259cfc06b583fd6a88a",
               },
               {
                  name: "32230",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/32230",
               },
               {
                  name: "oval:org.mitre.oval:def:10253",
                  tags: [
                     "vdb-entry",
                     "signature",
                     "x_refsource_OVAL",
                     "x_transferred",
                  ],
                  url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10253",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
               },
               {
                  name: "ADV-2008-2762",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2008/2762",
               },
               {
                  name: "33396",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/33396",
               },
               {
                  name: "32127",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/32127",
               },
               {
                  name: "RHSA-2009:0008",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://www.redhat.com/support/errata/RHSA-2009-0008.html",
               },
               {
                  name: "USN-653-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/usn-653-1",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2008-10-06T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-09-28T12:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "MDVSA-2008:213",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
               ],
               url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:213",
            },
            {
               name: "DSA-1658",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2008/dsa-1658",
            },
            {
               name: "31602",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/31602",
            },
            {
               name: "openSUSE-SU-2012:1418",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugs.freedesktop.org/show_bug.cgi?id=17803",
            },
            {
               name: "1021063",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id?1021063",
            },
            {
               name: "dbus-dbusvalidatesignaturewithreason-dos(45701)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45701",
            },
            {
               name: "7822",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/7822",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3834",
            },
            {
               name: "32385",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/32385",
            },
            {
               name: "SUSE-SR:2008:027",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html",
            },
            {
               name: "32281",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/32281",
            },
            {
               name: "FEDORA-2008-8764",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00298.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.freedesktop.org/wiki/Software/dbus#head-dad0dab297a44f1d7a3b1259cfc06b583fd6a88a",
            },
            {
               name: "32230",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/32230",
            },
            {
               name: "oval:org.mitre.oval:def:10253",
               tags: [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
               ],
               url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10253",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
            },
            {
               name: "ADV-2008-2762",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2008/2762",
            },
            {
               name: "33396",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/33396",
            },
            {
               name: "32127",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/32127",
            },
            {
               name: "RHSA-2009:0008",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://www.redhat.com/support/errata/RHSA-2009-0008.html",
            },
            {
               name: "USN-653-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/usn-653-1",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2008-3834",
      datePublished: "2008-10-07T19:00:00",
      dateReserved: "2008-08-27T00:00:00",
      dateUpdated: "2024-08-07T09:53:00.382Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}