漏洞信息详情

D-BUS 本地提权漏洞

漏洞简介

D-BUS (dbus) 0.22之前的版本在套接字地址已知的情况下,没有正确限制对?套接字的访问权限,本地用户可利用此漏洞借助?套接字收听或发送其他用户per-user会话总线上的任意消息。

漏洞公告

目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接: D-BUS Inter-Process Communication System 0.22 Fedora dbus-0.22-10.FC3.2.i386.rpm RedHat Fedora Core 3 http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ Fedora dbus-0.22-10.FC3.2.x86_64.rpm RedHat Fedora Core 3 http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ Fedora dbus-debuginfo-0.22-10.FC3.2.i386.rpm RedHat Fedora Core 3 http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ Fedora dbus-debuginfo-0.22-10.FC3.2.x86_64.rpm RedHat Fedora Core 3 http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ Fedora dbus-devel-0.22-10.FC3.2.i386.rpm RedHat Fedora Core 3 http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ Fedora dbus-devel-0.22-10.FC3.2.x86_64.rpm RedHat Fedora Core 3 http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ Fedora dbus-glib-0.22-10.FC3.2.i386.rpm RedHat Fedora Core 3 http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ Fedora dbus-glib-0.22-10.FC3.2.x86_64.rpm RedHat Fedora Core 3 http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ Fedora dbus-python-0.22-10.FC3.2.i386.rpm RedHat Fedora Core 3 http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ Fedora dbus-python-0.22-10.FC3.2.x86_64.rpm RedHat Fedora Core 3 http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ Fedora dbus-x11-0.22-10.FC3.2.i386.rpm RedHat Fedora Core 3 http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ Fedora dbus-x11-0.22-10.FC3.2.x86_64.rpm RedHat Fedora Core 3 http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ Ubuntu dbus-1-dev_0.22-1ubuntu2.1_amd64.deb Ubuntu 4.10 (Warty Warthog) http://security.ubuntu.com/ubuntu/pool/main/d/dbus/dbus-1-dev_0.22-1ub untu2.1_amd64.deb Ubuntu dbus-1-dev_0.22-1ubuntu2.1_i386.deb Ubuntu 4.10 (Warty Warthog) http://security.ubuntu.com/ubuntu/pool/main/d/dbus/dbus-1-dev_0.22-1ub untu2.1_i386.deb Ubuntu dbus-1-dev_0.22-1ubuntu2.1_powerpc.deb Ubuntu 4.10 (Warty Warthog) http://security.ubuntu.com/ubuntu/pool/main/d/dbus/dbus-1-dev_0.22-1ub untu2.1_powerpc.deb Ubuntu dbus-1-utils_0.22-1ubuntu2.1_amd64.deb Ubuntu 4.10 (Warty Warthog) http://security.ubuntu.com/ubuntu/pool/main/d/dbus/dbus-1-utils_0.22-1 ubuntu2.1_amd64.deb Ubuntu dbus-1-utils_0.22-1ubuntu2.1_i386.deb Ubuntu 4.10 (Warty Warthog) http://security.ubuntu.com/ubuntu/pool/main/d/dbus/dbus-1-utils_0.22-1 ubuntu2.1_i386.deb Ubuntu dbus-1-utils_0.22-1ubuntu2.1_powerpc.deb Ubuntu 4.10 (Warty Warthog) http://security.ubuntu.com/ubuntu/pool/main/d/dbus/dbus-1-utils_0.22-1 ubuntu2.1_powerpc.deb Ubuntu dbus-1_0.22-1ubuntu2.1_amd64.deb Ubuntu 4.10 (Warty Warthog) http://security.ubuntu.com/ubuntu/pool/main/d/dbus/dbus-1_0.22-1ubuntu 2.1_amd64.deb Ubuntu dbus-1_0.22-1ubuntu2.1_i386.deb Ubuntu 4.10 (Warty Warthog) http://security.ubuntu.com/ubuntu/pool/main/d/dbus/dbus-1_0.22-1ubuntu 2.1_i386.deb Ubuntu dbus-1_0.22-1ubuntu2.1_powerpc.deb Ubuntu 4.10 (Warty Warthog) http://security.ubuntu.com/ubuntu/pool/main/d/dbus/dbus-1_0.22-1ubuntu 2.1_powerpc.deb Ubuntu dbus-glib-1-dev_0.22-1ubuntu2.1_amd64.deb Ubuntu 4.10 (Warty Warthog) http://security.ubuntu.com/ubuntu/pool/main/d/dbus/dbus-glib-1-dev_0.2 2-1ubuntu2.1_amd64.deb Ubuntu dbus-glib-1-dev_0.22-1ubuntu2.1_i386.deb Ubuntu 4.10 (Warty Warthog) http://security.ubuntu.com/ubuntu/pool/main/d/dbus/dbus-glib-1-dev_0.2 2-1ubuntu2.1_i386.deb Ubuntu dbus-glib-1-dev_0.22-1ubuntu2.1_powerpc.deb Ubuntu 4.10 (Warty Warthog) http://security.ubuntu.com/ubuntu/pool/main/d/dbus/dbus-glib-1-dev_0.2 2-1ubuntu2.1_powerpc.deb Ubuntu dbus-glib-1_0.22-1ubuntu2.1_amd64.deb Ubuntu 4.10 (Warty Warthog) http://security.ubuntu.com/ubuntu/pool/main/d/dbus/dbus-glib-1_0.22-1u buntu2.1_amd64.deb Ubuntu dbus-glib-1_0.22-1ubuntu2.1_i386.deb Ubuntu 4.10 (Warty Warthog) http://security.ubuntu.com/ubuntu/pool/main/d/dbus/dbus-glib-1_0.22-1u buntu2.1_i386.deb Ubuntu dbus-glib-1_0.22-1ubuntu2.1_powerpc.deb Ubuntu 4.10 (Warty Warthog) http://security.ubuntu.com/ubuntu/pool/main/d/dbus/dbus-glib-1_0.22-1u buntu2.1_powerpc.deb Ubuntu dbus/dbus-1-doc_0.22-1ubuntu2.1_all.deb Ubuntu 4.10 (Warty Warthog) http://security.ubuntu.com/ubuntu/pool/main/d/dbus/dbus-1-doc_0.22-1ub untu2.1_all.deb

参考网址

来源: REDHAT 名称: RHSA-2005:102 链接:http://www.redhat.com/support/errata/RHSA-2005-102.html 来源: MANDRAKE 名称: MDKSA-2005:105 链接:http://www.mandriva.com/security/advisories?name=MDKSA-2005:105 来源: UBUNTU 名称: USN-144-1 链接:http://www.ubuntulinux.org/support/documentation/usn/usn-144-1 来源: AUSCERT 名称: ESB-2005.0435 链接:http://www.auscert.org.au/render.html?it=5156 来源: BID 名称: 12435 链接:http://www.securityfocus.com/bid/12435 来源: SECTRACK 名称: 1013075 链接:http://securitytracker.com/id?1013075 来源: SECUNIA 名称: 15844 链接:http://secunia.com/advisories/15844 来源: SECUNIA 名称: 15833 链接:http://secunia.com/advisories/15833 来源: SECUNIA 名称: 15638 链接:http://secunia.com/advisories/15638 来源: SECUNIA 名称: 14119 链接:http://secunia.com/advisories/14119

补丁

    暂无

漏洞信息快速查询

相关漏洞

更多