Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2014-3477

Опубликовано: 01 июл. 2014
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 2.1
CVSS3: 4

Описание

The dbus-daemon in D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20, and 1.8.x before 1.8.4, sends an AccessDenied error to the service instead of a client when the client is prohibited from accessing the service, which allows local users to cause a denial of service (initialization failure and exit) or possibly conduct a side-channel attack via a D-Bus message to an inactive service.

РелизСтатусПримечание
devel

released

1.6.18-0ubuntu9
esm-infra-legacy/trusty

released

1.6.18-0ubuntu4.1
lucid

ignored

precise

released

1.4.18-1ubuntu1.5
saucy

released

1.6.12-0ubuntu10.1
trusty

released

1.6.18-0ubuntu4.1
trusty/esm

released

1.6.18-0ubuntu4.1
upstream

released

1.8.4-1,1.6.20

Показывать по

Ссылки на источники

EPSS

Процентиль: 23%
0.00097
Низкий

2.1 Low

CVSS2

4 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2014-3477

redhat
больше 11 лет назад

The dbus-daemon in D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20, and 1.8.x before 1.8.4, sends an AccessDenied error to the service instead of a client when the client is prohibited from accessing the service, which allows local users to cause a denial of service (initialization failure and exit) or possibly conduct a side-channel attack via a D-Bus message to an inactive service.

nvd логотип

CVE-2014-3477

CVSS3: 4
nvd
больше 11 лет назад

The dbus-daemon in D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20, and 1.8.x before 1.8.4, sends an AccessDenied error to the service instead of a client when the client is prohibited from accessing the service, which allows local users to cause a denial of service (initialization failure and exit) or possibly conduct a side-channel attack via a D-Bus message to an inactive service.

debian логотип

CVE-2014-3477

CVSS3: 4
debian
больше 11 лет назад

The dbus-daemon in D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20, and ...

github логотип

GHSA-qj2p-fqqf-6x63

CVSS3: 4
github
больше 3 лет назад

The dbus-daemon in D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20, and 1.8.x before 1.8.4, sends an AccessDenied error to the service instead of a client when the client is prohibited from accessing the service, which allows local users to cause a denial of service (initialization failure and exit) or possibly conduct a side-channel attack via a D-Bus message to an inactive service.

fstec логотип

BDU:2015-09788

fstec
почти 11 лет назад

Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 23%
0.00097
Низкий

2.1 Low

CVSS2

4 Medium

CVSS3