CVE 2008-4311
The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_
Related bugs and status
CVE-2008-4311 (Candidate) is related to these bugs:
Bug #43644: time-admin shows different time zone when it is restarted
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
43644 | time-admin shows different time zone when it is restarted | gnome-system-tools (Ubuntu) | Medium | Invalid | ||
43644 | time-admin shows different time zone when it is restarted | tzdata (Ubuntu) | Undecided | Invalid | ||
43644 | time-admin shows different time zone when it is restarted | GST | Undecided | Invalid | ||
43644 | time-admin shows different time zone when it is restarted | system-tools-backends (Ubuntu) | Undecided | Fix Released | ||
43644 | time-admin shows different time zone when it is restarted | system-tools-backends | Low | Fix Released | ||
43644 | time-admin shows different time zone when it is restarted | gnome-system-tools (Debian) | Undecided | Invalid | ||
43644 | time-admin shows different time zone when it is restarted | system-tools-backends (Debian) | Unknown | Fix Released |
Bug #306362: Default D-Bus system bus policy is allow
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
306362 | Default D-Bus system bus policy is allow | dbus (Ubuntu) | Critical | Fix Released | ||
306362 | Default D-Bus system bus policy is allow | D-Bus | Medium | Fix Released | ||
306362 | Default D-Bus system bus policy is allow | dbus (Debian) | Unknown | Fix Released | ||
306362 | Default D-Bus system bus policy is allow | dbus (Fedora) | Medium | Fix Released |
Bug #314985: Please merge policykit_0.9-2(main) from debian unstable
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
314985 | Please merge policykit_0.9-2(main) from debian unstable | policykit (Ubuntu) | Undecided | Fix Released |
Bug #318751: D-Bus Policy needs checking
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
318751 | D-Bus Policy needs checking | system-tools-backends (Ubuntu) | Undecided | Fix Released | ||
318751 | D-Bus Policy needs checking | system-tools-backends (Debian) | Unknown | Fix Released |
Bug #318775: D-Bus Policy needs checking
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
318775 | D-Bus Policy needs checking | devicekit-power (Ubuntu) | Undecided | Fix Released |
Bug #371234: system::admin::services is broken in karmic (says platform is unsupported)
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
371234 | system::admin::services is broken in karmic (says platform is unsupported) | system-tools-backends (Ubuntu) | High | Fix Released | ||
371234 | system::admin::services is broken in karmic (says platform is unsupported) | system-tools-backends (Ubuntu Karmic) | High | Fix Released | ||
371234 | system::admin::services is broken in karmic (says platform is unsupported) | system-tools-backends | Critical | Unknown |
See the
CVE page on Mitre.org
for more details.