Novell Home

CVE-2008-4311

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2008-4311 at MITRE

Description

The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving messages, related to receive_requested_reply.

NVD CVSS v2 Base Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)

Novell/SUSE information

Novell Bugzilla entry: 443307

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 11.1
  • dbus-1-debuginfo >= 1.2.10-5.4.1
  • dbus-1-debuginfo-32bit >= 1.2.10-5.4.1
  • dbus-1-debuginfo-64bit >= 1.2.10-5.4.1
  • dbus-1-debugsource >= 1.2.10-5.4.1
openSUSE 11.1
  • dbus-1 >= 1.2.10-5.4.1
  • dbus-1-32bit >= 1.2.10-5.4.1
  • dbus-1-64bit >= 1.2.10-5.4.1
  • dbus-1-devel >= 1.2.10-5.4.1
  • dbus-1-devel-doc >= 1.2.10-5.4.1
SUSE Linux Enterprise SDK 10 SP2
  • dbus-1-devel >= 0.60-33.22
  • dbus-1-devel-doc >= 0.60-33.25
  • dbus-1-java >= 0.60-33.25
sle10-sp2-sdk.x86
sled10-sp2.x86-64
sles10-sp2-debuginfo.s390x
sles10-sp2.x86-64
sles10-sp2-debuginfo.x86-64
sled10-sp2.x86
sles10-sp2.ia64
sles10-sp2-debuginfo.ia64
sles10-sp2.ppc
sle10-sp2-sdk.s390x
sles10-sp2-debuginfo.ppc
sle10-sp2-sdk.x86-64
sle10-sp2-sdk.ia64
sles10-sp2.s390x
sle10-sp2-sdk.ppc
sles10-sp2-debuginfo.x86
sles10-sp2.x86
ZYPP Patch Nr: 5969
openSUSE 11.0
  • bluez-utils-debuginfo >= 3.32-8.7
  • bluez-utils-debugsource >= 3.32-8.7
openSUSE 11.0
  • bluez-audio >= 3.32-8.7
  • bluez-cups >= 3.32-8.7
  • bluez-test >= 3.32-8.7
  • bluez-utils >= 3.32-8.7
openSUSE 11.0
  • hal-debuginfo >= 0.5.11-8.4
  • hal-debugsource >= 0.5.11-8.4
openSUSE 11.0
  • hal >= 0.5.11-8.4
  • hal-32bit >= 0.5.11-8.4
  • hal-64bit >= 0.5.11-8.4
  • hal-devel >= 0.5.11-8.4
openSUSE 11.1
  • hal-debuginfo >= 0.5.12-10.13.1
  • hal-debuginfo-32bit >= 0.5.12-10.13.1
  • hal-debuginfo-64bit >= 0.5.12-10.13.1
  • hal-debugsource >= 0.5.12-10.13.1
openSUSE 11.1
  • hal >= 0.5.12-10.13.1
  • hal-32bit >= 0.5.12-10.13.1
  • hal-64bit >= 0.5.12-10.13.1
  • hal-devel >= 0.5.12-10.13.1
openSUSE 11.1
  • gnome-panel-debuginfo >= 2.24.1-2.26.1
  • gnome-panel-debuginfo-32bit >= 2.24.1-2.26.1
  • gnome-panel-debugsource >= 2.24.1-2.26.1
openSUSE 11.1
  • gnome-panel >= 2.24.1-2.26.1
  • gnome-panel-32bit >= 2.24.1-2.26.1
  • gnome-panel-devel >= 2.24.1-2.26.1
  • gnome-panel-doc >= 2.24.1-2.26.1
  • gnome-panel-extras >= 2.24.1-2.26.1
  • gnome-panel-lang >= 2.24.1-2.26.1
openSUSE 11.0
  • bluez-utils-debuginfo >= 3.32-8.4
  • bluez-utils-debugsource >= 3.32-8.4
openSUSE 11.0
  • bluez-audio >= 3.32-8.4
  • bluez-cups >= 3.32-8.4
  • bluez-test >= 3.32-8.4
  • bluez-utils >= 3.32-8.4
openSUSE 11.0
  • dbus-1-debuginfo >= 1.2.1-15.4
  • dbus-1-debugsource >= 1.2.1-15.4
  • dbus-1-glib-debuginfo >= 0.74-88.1
  • dbus-1-glib-debugsource >= 0.74-88.1
  • dbus-1-python-debuginfo >= 0.82.4-49.1
  • dbus-1-python-debugsource >= 0.82.4-49.1
  • dbus-1-qt3-debuginfo >= 0.62-179.1
  • dbus-1-qt3-debugsource >= 0.62-179.1
  • dbus-1-x11-debuginfo >= 1.2.1-18.4
  • dbus-1-x11-debugsource >= 1.2.1-18.4
openSUSE 11.0
  • dbus-1 >= 1.2.1-15.4
  • dbus-1-32bit >= 1.2.1-15.4
  • dbus-1-64bit >= 1.2.1-15.4
  • dbus-1-devel >= 1.2.1-15.4
  • dbus-1-devel-doc >= 1.2.1-15.4
  • dbus-1-glib >= 0.74-88.1
  • dbus-1-glib-32bit >= 0.74-88.1
  • dbus-1-glib-64bit >= 0.74-88.1
  • dbus-1-glib-devel >= 0.74-88.1
  • dbus-1-glib-doc >= 0.74-88.1
  • dbus-1-mono >= 0.63-154.1
  • dbus-1-python >= 0.82.4-49.1
  • dbus-1-python-devel >= 0.82.4-49.1
  • dbus-1-qt3 >= 0.62-179.1
  • dbus-1-qt3-32bit >= 0.62-179.1
  • dbus-1-qt3-64bit >= 0.62-179.1
  • dbus-1-qt3-devel >= 0.62-179.1
  • dbus-1-x11 >= 1.2.1-18.4
openSUSE 11.1
  • dbus-1-debuginfo >= 1.2.10-5.3.1
  • dbus-1-debuginfo-32bit >= 1.2.10-5.3.1
  • dbus-1-debuginfo-64bit >= 1.2.10-5.3.1
  • dbus-1-debugsource >= 1.2.10-5.3.1
  • dbus-1-glib-debuginfo >= 0.76-32.33.1
  • dbus-1-glib-debuginfo-32bit >= 0.76-32.33.1
  • dbus-1-glib-debuginfo-64bit >= 0.76-32.33.1
  • dbus-1-glib-debugsource >= 0.76-32.33.1
  • dbus-1-python-debuginfo >= 0.83.0-22.22.1
  • dbus-1-python-debugsource >= 0.83.0-22.22.1
  • dbus-1-qt3-debuginfo >= 0.62-221.222.1
  • dbus-1-qt3-debugsource >= 0.62-221.222.1
  • dbus-1-x11-debuginfo >= 1.2.10-5.3.1
  • dbus-1-x11-debugsource >= 1.2.10-5.3.1
openSUSE 11.1
  • dbus-1 >= 1.2.10-5.3.1
  • dbus-1-32bit >= 1.2.10-5.3.1
  • dbus-1-64bit >= 1.2.10-5.3.1
  • dbus-1-devel >= 1.2.10-5.3.1
  • dbus-1-devel-doc >= 1.2.10-5.3.1
  • dbus-1-glib >= 0.76-32.33.1
  • dbus-1-glib-32bit >= 0.76-32.33.1
  • dbus-1-glib-64bit >= 0.76-32.33.1
  • dbus-1-glib-devel >= 0.76-32.33.1
  • dbus-1-glib-doc >= 0.76-32.33.1
  • dbus-1-mono >= 0.63-118.117.1
  • dbus-1-python >= 0.83.0-22.22.1
  • dbus-1-python-devel >= 0.83.0-22.22.1
  • dbus-1-qt3 >= 0.62-221.222.1
  • dbus-1-qt3-32bit >= 0.62-221.222.1
  • dbus-1-qt3-64bit >= 0.62-221.222.1
  • dbus-1-qt3-devel >= 0.62-221.222.1
  • dbus-1-x11 >= 1.2.10-5.3.1
SUSE Linux Enterprise SDK 11 GA
  • dbus-1-devel >= 1.2.10-3.9.1
  • dbus-1-devel-doc >= 1.2.10-3.9.1
sle11-sdk.ia64
sled11.x86-64
sle11-sdk.ppc
sle11-sdk.s390x
sle11-debuginfo.x86
sled11.x86
sle11-sdk.x86-64
sle11-debuginfo.s390x
sles11.ia64
sle11-sdk.x86
sles11.ppc
sles11.x86
sle11-debuginfo.ia64
sles11.x86-64
sle11-debuginfo.ppc
sle11-debuginfo.x86-64
sles11.s390x
SAT Patch Nr: 726
SUSE Linux Enterprise Desktop 11 GA
SUSE Linux Enterprise Server 11 GA
  • dbus-1 >= 1.2.10-3.9.1
sle11-sdk.ia64
sled11.x86-64
sle11-sdk.ppc
sle11-sdk.s390x
sle11-debuginfo.x86
sled11.x86
sle11-sdk.x86-64
sle11-debuginfo.s390x
sles11.ia64
sle11-sdk.x86
sles11.ppc
sles11.x86
sle11-debuginfo.ia64
sles11.x86-64
sle11-debuginfo.ppc
sle11-debuginfo.x86-64
sles11.s390x
SAT Patch Nr: 726
SUSE Linux Enterprise Desktop 11 GA
SUSE Linux Enterprise Server 11 GA
  • dbus-1 >= 1.2.10-3.9.1
  • dbus-1-32bit >= 1.2.10-3.9.1
sle11-sdk.ia64
sled11.x86-64
sle11-sdk.ppc
sle11-sdk.s390x
sle11-debuginfo.x86
sled11.x86
sle11-sdk.x86-64
sle11-debuginfo.s390x
sles11.ia64
sle11-sdk.x86
sles11.ppc
sles11.x86
sle11-debuginfo.ia64
sles11.x86-64
sle11-debuginfo.ppc
sle11-debuginfo.x86-64
sles11.s390x
SAT Patch Nr: 726
SUSE Linux Enterprise Server 11 GA
  • dbus-1 >= 1.2.10-3.9.1
  • dbus-1-x86 >= 1.2.10-3.9.1
sle11-sdk.ia64
sled11.x86-64
sle11-sdk.ppc
sle11-sdk.s390x
sle11-debuginfo.x86
sled11.x86
sle11-sdk.x86-64
sle11-debuginfo.s390x
sles11.ia64
sle11-sdk.x86
sles11.ppc
sles11.x86
sle11-debuginfo.ia64
sles11.x86-64
sle11-debuginfo.ppc
sle11-debuginfo.x86-64
sles11.s390x
SAT Patch Nr: 726
openSUSE 11.0
  • hal-debuginfo >= 0.5.11-8.6
  • hal-debugsource >= 0.5.11-8.6
openSUSE 11.0
  • hal >= 0.5.11-8.6
  • hal-32bit >= 0.5.11-8.6
  • hal-64bit >= 0.5.11-8.6
  • hal-devel >= 0.5.11-8.6
openSUSE 11.0
  • PackageKit-debuginfo >= 0.2.1-15.10
  • PackageKit-debugsource >= 0.2.1-15.10
openSUSE 11.0
  • PackageKit >= 0.2.1-15.10
  • PackageKit-devel >= 0.2.1-15.10
openSUSE 11.1
  • PackageKit-debuginfo >= 0.3.11-1.13.1
  • PackageKit-debugsource >= 0.3.11-1.13.1
openSUSE 11.1
  • PackageKit >= 0.3.11-1.13.1
  • PackageKit-devel >= 0.3.11-1.13.1
  • PackageKit-lang >= 0.3.11-1.13.1
  • libpackagekit-glib10 >= 0.3.11-1.13.1
  • libpackagekit-glib10-devel >= 0.3.11-1.13.1
  • libpackagekit-qt10 >= 0.3.11-1.13.1
  • libpackagekit-qt10-devel >= 0.3.11-1.13.1
openSUSE 11.0
  • PolicyKit-debuginfo >= 0.8-14.2
  • PolicyKit-debugsource >= 0.8-14.2
openSUSE 11.0
  • PolicyKit >= 0.8-14.2
  • PolicyKit-32bit >= 0.8-14.2
  • PolicyKit-64bit >= 0.8-14.2
  • PolicyKit-devel >= 0.8-14.2
openSUSE 11.1
  • PolicyKit-debuginfo >= 0.9-13.17.1
  • PolicyKit-debugsource >= 0.9-13.17.1
openSUSE 11.1
  • PolicyKit >= 0.9-13.17.1
  • PolicyKit-32bit >= 0.9-13.17.1
  • PolicyKit-64bit >= 0.9-13.17.1
  • PolicyKit-devel >= 0.9-13.17.1
openSUSE 11.0
  • powersave-debuginfo >= 0.15.20-38.2
  • powersave-debugsource >= 0.15.20-38.2
openSUSE 11.0
  • powersave >= 0.15.20-38.2
  • powersave-devel >= 0.15.20-38.2
  • powersave-libs >= 0.15.20-38.2
  • powersave-libs-32bit >= 0.15.20-38.2
  • powersave-libs-64bit >= 0.15.20-38.2
openSUSE 11.0
  • ConsoleKit-debuginfo >= 0.2.10-14.4
  • ConsoleKit-debugsource >= 0.2.10-14.4
openSUSE 11.0
  • ConsoleKit >= 0.2.10-14.4
  • ConsoleKit-32bit >= 0.2.10-14.4
  • ConsoleKit-64bit >= 0.2.10-14.4
  • ConsoleKit-devel >= 0.2.10-14.4
  • ConsoleKit-x11 >= 0.2.10-14.4
openSUSE 11.1
  • ConsoleKit-debuginfo >= 0.2.10-60.26.1
  • ConsoleKit-debugsource >= 0.2.10-60.26.1
openSUSE 11.1
  • ConsoleKit >= 0.2.10-60.26.1
  • ConsoleKit-32bit >= 0.2.10-60.26.1
  • ConsoleKit-64bit >= 0.2.10-60.26.1
  • ConsoleKit-devel >= 0.2.10-60.26.1
  • ConsoleKit-x11 >= 0.2.10-60.26.1

List of products where fixes are in QA

SUSE Linux Enterprise Desktop 11 GA
SUSE Linux Enterprise SDK 11 GA
SUSE Linux Enterprise Server 11 GA

© 2014 Novell