User: Password:
Subscribe / Log in / New account

Pardus alert 2011-93 (dbus)

From:  Meltem Parmaksız <>
Subject:  [Pardus-security] [PLSA 2011-93] D-bus: Denial of Service
Date:  Tue, 12 Jul 2011 11:26:09 +0300
Message-ID:  <>
Archive-link:  Article, Thread

------------------------------------------------------------------------ Pardus Linux Security Advisory 2011-93 ------------------------------------------------------------------------ Date: 2011-07-11 Severity: 3 Type: Local ------------------------------------------------------------------------ Summary ======= A vulnerability has been fixed in d-bus. Description =========== CVE-2011-2200: It was found that D-BUS message bus service / messaging facility did not update the byte-order flag of the message properly by swapping the byte order of incoming messages into their native endiannes. A local, authenticated user could use this flaw to send a specially-crafted message to a system service (like Avahi or NetworkManager), using the system bus, potentially leading to disconnect of such a service from system bus (denial of service). Affected packages: Pardus 2009: dbus, all before Resolution ========== There are update(s) for dbus. You can update them via Package Manager or with a single command from console: pisi up dbus References ========== * * * ------------------------------------------------------------------------ _______________________________________________ Pardus-Security mailing list

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds