Back to search
CVE-2011-2200
Published: Jun 22, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
The _dbus_header_byteswap function in dbus-marshal-header.c in D-Bus (aka DBus) 1.2.x before 1.2.28, 1.4.x before 1.4.12, and 1.5.x before 1.5.4 does not properly handle a non-native byte order, which allows local users to cause a denial of service (connection loss), obtain potentially sensitive information, or conduct unspecified state-modification attacks via crafted messages.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[oss-security] 20110613 Re: CVE Request -- dbus -- Local DoS via messages with non-native byte order
mailing-list
x_refsource_MLIST
http://cgit.freedesktop.org/dbus/dbus/tree/NEWS?h=dbus-1.4
x_refsource_CONFIRM
[dbus] 20110530 D-Bus daemon big and little endian issue
mailing-list
x_refsource_MLIST
RHSA-2011:1132
vendor-advisory
x_refsource_REDHAT
dbus-nonnative-dos(67974)
vdb-entry
x_refsource_XF
https://bugs.freedesktop.org/show_bug.cgi?id=38120
x_refsource_CONFIRM
http://cgit.freedesktop.org/dbus/dbus/tree/NEWS?h=dbus-1.2
x_refsource_CONFIRM
44896
third-party-advisory
x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=712676
x_refsource_CONFIRM
[oss-security] 20110612 CVE Request -- dbus -- Local DoS via messages with non-native byte order
mailing-list
x_refsource_MLIST
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
x_refsource_CONFIRM
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629938
x_refsource_CONFIRM
[dbus] 20070317 D-Bus daemon endianness issue
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now