CVE-2008-3834

D-Bus Daemon < 1.2.4 - 'libdbus' Denial of Service

Severity Score

2.1

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error.

La función dbus_signature_validat en la librería D-bus (libdbus), versiones anteriores a 1.2.4, permite a los atacantes remotos causar una denegación de servicios (aplicación suspendida) a través de un mensaje que contiene una firma mal formada, el cual lanza un error assertion.

*Credits: N/A

CVSS Scores

NISTv2 2.1

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2008-08-27 CVE Reserved
2008-10-07 CVE Published
2024-05-23 EPSS Updated
2024-08-07 CVE Updated
2024-08-07 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-20: Improper Input Validation

CAPEC

References (24)

URL	Tag	Source
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705	X_refsource_confirm
http://secunia.com/advisories/32230	Third Party Advisory
http://secunia.com/advisories/32281	Third Party Advisory
http://secunia.com/advisories/32385	Third Party Advisory
http://secunia.com/advisories/33396	Third Party Advisory
http://www.freedesktop.org/wiki/Software/dbus#head-dad0dab297a44f1d7a3b1259cfc06b583fd6a88a	X_refsource_confirm
http://www.securityfocus.com/bid/31602	Vdb Entry
http://www.securitytracker.com/id?1021063	Vdb Entry
http://www.vupen.com/english/advisories/2008/2762	Vdb Entry
https://bugs.freedesktop.org/show_bug.cgi?id=17803	X_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3834	X_refsource_confirm
https://exchange.xforce.ibmcloud.com/vulnerabilities/45701	Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10253	Signature

URL	Date	SRC
https://www.exploit-db.com/exploits/7822	2024-08-07

URL	Date	SRC

URL	Date	SRC
http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html	2017-09-29
http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html	2017-09-29
http://secunia.com/advisories/32127	2017-09-29
http://www.debian.org/security/2008/dsa-1658	2017-09-29
http://www.mandriva.com/security/advisories?name=MDVSA-2008:213	2017-09-29
http://www.redhat.com/support/errata/RHSA-2009-0008.html	2017-09-29
http://www.ubuntu.com/usn/usn-653-1	2017-09-29
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00298.html	2017-09-29
https://access.redhat.com/security/cve/CVE-2008-3834	2009-01-07
https://bugzilla.redhat.com/show_bug.cgi?id=464674	2009-01-07

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				<= 1.1.4 Search vendor "Freedesktop" for product "Dbus" and version " <= 1.1.4"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.1 Search vendor "Freedesktop" for product "Dbus" and version "0.1"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.2 Search vendor "Freedesktop" for product "Dbus" and version "0.2"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.3 Search vendor "Freedesktop" for product "Dbus" and version "0.3"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.4 Search vendor "Freedesktop" for product "Dbus" and version "0.4"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.5 Search vendor "Freedesktop" for product "Dbus" and version "0.5"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.6 Search vendor "Freedesktop" for product "Dbus" and version "0.6"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.7 Search vendor "Freedesktop" for product "Dbus" and version "0.7"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.8 Search vendor "Freedesktop" for product "Dbus" and version "0.8"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.9 Search vendor "Freedesktop" for product "Dbus" and version "0.9"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.10 Search vendor "Freedesktop" for product "Dbus" and version "0.10"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.11 Search vendor "Freedesktop" for product "Dbus" and version "0.11"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.12 Search vendor "Freedesktop" for product "Dbus" and version "0.12"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.13 Search vendor "Freedesktop" for product "Dbus" and version "0.13"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.20 Search vendor "Freedesktop" for product "Dbus" and version "0.20"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.21 Search vendor "Freedesktop" for product "Dbus" and version "0.21"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.22 Search vendor "Freedesktop" for product "Dbus" and version "0.22"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.23 Search vendor "Freedesktop" for product "Dbus" and version "0.23"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.23.1 Search vendor "Freedesktop" for product "Dbus" and version "0.23.1"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.23.2 Search vendor "Freedesktop" for product "Dbus" and version "0.23.2"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.23.3 Search vendor "Freedesktop" for product "Dbus" and version "0.23.3"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.31 Search vendor "Freedesktop" for product "Dbus" and version "0.31"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.32 Search vendor "Freedesktop" for product "Dbus" and version "0.32"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.33 Search vendor "Freedesktop" for product "Dbus" and version "0.33"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.34 Search vendor "Freedesktop" for product "Dbus" and version "0.34"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.35 Search vendor "Freedesktop" for product "Dbus" and version "0.35"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.35.1 Search vendor "Freedesktop" for product "Dbus" and version "0.35.1"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.35.2 Search vendor "Freedesktop" for product "Dbus" and version "0.35.2"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.36 Search vendor "Freedesktop" for product "Dbus" and version "0.36"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.36.1 Search vendor "Freedesktop" for product "Dbus" and version "0.36.1"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.36.2 Search vendor "Freedesktop" for product "Dbus" and version "0.36.2"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.50 Search vendor "Freedesktop" for product "Dbus" and version "0.50"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.61 Search vendor "Freedesktop" for product "Dbus" and version "0.61"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.62 Search vendor "Freedesktop" for product "Dbus" and version "0.62"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.90 Search vendor "Freedesktop" for product "Dbus" and version "0.90"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.91 Search vendor "Freedesktop" for product "Dbus" and version "0.91"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				0.92 Search vendor "Freedesktop" for product "Dbus" and version "0.92"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.0.2 Search vendor "Freedesktop" for product "Dbus" and version "1.0.2"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.1.1 Search vendor "Freedesktop" for product "Dbus" and version "1.1.1"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus Search vendor "Freedesktop" for product "Dbus"				1.1.2 Search vendor "Freedesktop" for product "Dbus" and version "1.1.2"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus1.0 Search vendor "Freedesktop" for product "Dbus1.0"				rc1 Search vendor "Freedesktop" for product "Dbus1.0" and version "rc1"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus1.0 Search vendor "Freedesktop" for product "Dbus1.0"				rc2 Search vendor "Freedesktop" for product "Dbus1.0" and version "rc2"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus1.0 Search vendor "Freedesktop" for product "Dbus1.0"				rc3 Search vendor "Freedesktop" for product "Dbus1.0" and version "rc3"		-		Affected
Freedesktop Search vendor "Freedesktop"		Dbus1.1.0 Search vendor "Freedesktop" for product "Dbus1.1.0"				*		-		Affected