CVE-2008-3834 - NVD | ByteOS Network

NVD Vulnerability Details :

CVE-2008-3834

Modified

More Info Official Page

Source-secalert@redhat.com

Published At-07 Oct, 2008 | 21:01

Updated At-29 Sep, 2017 | 01:31

The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	2.1	LOW	AV:L/AC:L/Au:N/C:N/I:N/A:P

CPE Matches

freedesktop.org

>>dbus>>Versions up to 1.1.4(inclusive)

cpe:2.3:a:freedesktop:dbus:*:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.1

cpe:2.3:a:freedesktop:dbus:0.1:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.2

cpe:2.3:a:freedesktop:dbus:0.2:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.3

cpe:2.3:a:freedesktop:dbus:0.3:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.4

cpe:2.3:a:freedesktop:dbus:0.4:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.5

cpe:2.3:a:freedesktop:dbus:0.5:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.6

cpe:2.3:a:freedesktop:dbus:0.6:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.7

cpe:2.3:a:freedesktop:dbus:0.7:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.8

cpe:2.3:a:freedesktop:dbus:0.8:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.9

cpe:2.3:a:freedesktop:dbus:0.9:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.10

cpe:2.3:a:freedesktop:dbus:0.10:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.11

cpe:2.3:a:freedesktop:dbus:0.11:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.12

cpe:2.3:a:freedesktop:dbus:0.12:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.13

cpe:2.3:a:freedesktop:dbus:0.13:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.20

cpe:2.3:a:freedesktop:dbus:0.20:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.21

cpe:2.3:a:freedesktop:dbus:0.21:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.22

cpe:2.3:a:freedesktop:dbus:0.22:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.23

cpe:2.3:a:freedesktop:dbus:0.23:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.23.1

cpe:2.3:a:freedesktop:dbus:0.23.1:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.23.2

cpe:2.3:a:freedesktop:dbus:0.23.2:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.23.3

cpe:2.3:a:freedesktop:dbus:0.23.3:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.31

cpe:2.3:a:freedesktop:dbus:0.31:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.32

cpe:2.3:a:freedesktop:dbus:0.32:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.33

cpe:2.3:a:freedesktop:dbus:0.33:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.34

cpe:2.3:a:freedesktop:dbus:0.34:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.35

cpe:2.3:a:freedesktop:dbus:0.35:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.35.1

cpe:2.3:a:freedesktop:dbus:0.35.1:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.35.2

cpe:2.3:a:freedesktop:dbus:0.35.2:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.36

cpe:2.3:a:freedesktop:dbus:0.36:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.36.1

cpe:2.3:a:freedesktop:dbus:0.36.1:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.36.2

cpe:2.3:a:freedesktop:dbus:0.36.2:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.50

cpe:2.3:a:freedesktop:dbus:0.50:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.61

cpe:2.3:a:freedesktop:dbus:0.61:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.62

cpe:2.3:a:freedesktop:dbus:0.62:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.90

cpe:2.3:a:freedesktop:dbus:0.90:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.91

cpe:2.3:a:freedesktop:dbus:0.91:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>0.92

cpe:2.3:a:freedesktop:dbus:0.92:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>1.0.2

cpe:2.3:a:freedesktop:dbus:1.0.2:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>1.1.1

cpe:2.3:a:freedesktop:dbus:1.1.1:*:*:*:*:*:*:*

freedesktop.org

>>dbus>>1.1.2

cpe:2.3:a:freedesktop:dbus:1.1.2:*:*:*:*:*:*:*

freedesktop.org

>>dbus1.0>>rc1

cpe:2.3:a:freedesktop:dbus1.0:rc1:*:*:*:*:*:*:*

freedesktop.org

>>dbus1.0>>rc2

cpe:2.3:a:freedesktop:dbus1.0:rc2:*:*:*:*:*:*:*

freedesktop.org

>>dbus1.0>>rc3

cpe:2.3:a:freedesktop:dbus1.0:rc3:*:*:*:*:*:*:*

freedesktop.org

cpe:2.3:a:freedesktop:dbus1.1.0:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-20	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705	secalert@redhat.com	N/A
http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html	secalert@redhat.com	N/A
http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html	secalert@redhat.com	N/A
http://secunia.com/advisories/32127	secalert@redhat.com	Vendor Advisory
http://secunia.com/advisories/32230	secalert@redhat.com	N/A
http://secunia.com/advisories/32281	secalert@redhat.com	N/A
http://secunia.com/advisories/32385	secalert@redhat.com	N/A
http://secunia.com/advisories/33396	secalert@redhat.com	N/A
http://www.debian.org/security/2008/dsa-1658	secalert@redhat.com	N/A
http://www.freedesktop.org/wiki/Software/dbus#head-dad0dab297a44f1d7a3b1259cfc06b583fd6a88a	secalert@redhat.com	N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2008:213	secalert@redhat.com	N/A
http://www.redhat.com/support/errata/RHSA-2009-0008.html	secalert@redhat.com	N/A
http://www.securityfocus.com/bid/31602	secalert@redhat.com	N/A
http://www.securitytracker.com/id?1021063	secalert@redhat.com	N/A
http://www.ubuntu.com/usn/usn-653-1	secalert@redhat.com	N/A
http://www.vupen.com/english/advisories/2008/2762	secalert@redhat.com	N/A
https://bugs.freedesktop.org/show_bug.cgi?id=17803	secalert@redhat.com	N/A
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3834	secalert@redhat.com	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/45701	secalert@redhat.com	N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10253	secalert@redhat.com	N/A
https://www.exploit-db.com/exploits/7822	secalert@redhat.com	N/A
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00298.html	secalert@redhat.com	N/A