Mandriva Linux Security Advisory 2009-256 - The _dbus_validate_signature_with_reason function (dbus-marshal-validate.c) in D-Bus (aka DBus) uses incorrect logic to validate a basic type, which allows remote attackers to spoof a signature via a crafted key. NOTE: this is due to an incorrect fix for CVE-2008-3834. This update provides a fix for this vulnerability. Packages for 2008.0 are being provided due to extended support for Corporate products.
bb5001d2543ba67e5815d872583ca49d88797f5e1091d25d88e9bd083112993aMandriva Linux Security Advisory 2009-256 - The _dbus_validate_signature_with_reason function (dbus-marshal-validate.c) in D-Bus (aka DBus) uses incorrect logic to validate a basic type, which allows remote attackers to spoof a signature via a crafted key. NOTE: this is due to an incorrect fix for CVE-2008-3834. This update provides a fix for this vulnerability.
be11fbcb9ef4def25583c0f75c0c88ef8b0beb6701fbb030662859d60a81491cDebian Security Advisory 1837-1 - It was discovered that the dbus_signature_validate function in dbus, a simple interprocess messaging system, is prone to a denial of service attack. This issue was caused by an incorrect fix for DSA-1658-1.
3a59f784c1f6132a397a122319908cb083f488ca4ee4aa00214ed8c13fedd9feUbuntu Security Notice USN-799-1 - It was discovered that the D-Bus library did not correctly validate signatures. If a local user sent a specially crafted D-Bus key, they could spoof a valid signature and bypass security policies.
d478213a621a4417020bea1db18714e63d38cad8b46e524f8b76b5e337178424
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed