CVE-2008-0595 in Inter-process Communication Systeminfo

Summary

dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a method call with a NULL interface.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

02/05/2008

Disclosure

02/29/2008

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
41292	D-Bus Inter-process Communication System Access Restriction access control	264	Proof-of-Concept	Official fix	CVE-2008-0595

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!