Download
| Alert*
oval:org.secpod.oval:def:2004218
An issue was discovered in dbus oval:org.secpod.oval:def:2106315 Oracle Solaris 11 - ( CVE-2020-12049 ) oval:org.secpod.oval:def:205591 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix: * dbus: denial of service via file descriptor leak For more details about the security issue, including the impact, ... oval:org.secpod.oval:def:89047229 This update for dbus-1 fixes the following issues: - CVE-2020-12049: truncated messages lead to resource exhaustion. Special Instructions and Notes: Please reboot the system after installing this update. oval:org.secpod.oval:def:89045108 This update for dbus-1 fixes the following issues: - CVE-2020-35512: users with the same numeric UID could lead to use-after-free and undefined behaviour - CVE-2020-12049: truncated messages lead to resource exhaustion Special Instructions and Notes: Please reboot the system after installing this ... oval:org.secpod.oval:def:89045487 This update for dbus-1 fixes the following issues: - CVE-2020-12049: truncated messages lead to resource exhaustion Special Instructions and Notes: Please reboot the system after installing this update. oval:org.secpod.oval:def:1502992 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502974 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:503806 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix: * dbus: denial of service via file descriptor leak For more details about the security issue, including the impact, ... oval:org.secpod.oval:def:89045475 This update for dbus-1 fixes the following issues: - CVE-2020-35512: Fixed a bug where users with the same numeric UID could lead to use-after-free and undefined behaviour. - CVE-2020-12049: Fixed a bug where a truncated messages lead to resource exhaustion oval:org.secpod.oval:def:1801987 An issue was discovered in dbus before 1.12.18. oval:org.secpod.oval:def:64132 dbus: simple interprocess messaging system DBus could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:66562 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix: * dbus: denial of service via file descriptor leak For more details about the security issue, including the impact, ... oval:org.secpod.oval:def:705514 dbus: simple interprocess messaging system DBus could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:1701056 A flaw was found in dbus. The implementation of DBUS_COOKIE_SHA1 is susceptible to a symbolic link attack. A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause the DBusServer to read and write in unintended locations resulting in an auth ... oval:org.secpod.oval:def:503819 D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix: * dbus: denial of service via file descriptor leak For more details about the security issue, including the impact, ... |