CVE-2012-3524

libdbus - 'DBUS_SYSTEM_BUS_ADDRESS' Local Privilege Escalation

Severity Score

6.9
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

4
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: libdbus maintainers state that this is a vulnerability in the applications that do not cleanse environment variables, not in libdbus itself: "we do not support use of libdbus in setuid binaries that do not sanitize their environment before their first call into libdbus."

*Credits: N/A
CVSS Scores
  • Attack Vector: Local
  • Attack Complexity: Medium
  • Authentication: None
  • Confidentiality: Complete
  • Integrity: Complete
  • Availability: Complete
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2012-06-14 CVE Reserved
  • 2012-07-17 First Exploit
  • 2012-09-14 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-264: Permissions, Privileges, and Access Controls
  • CWE-426: Untrusted Search Path
CAPEC
References (25)
Affected Vendors, Products, and Versions
Vendor       Product  Version    Other  Status
Freedesktop  Libdbus  <= 1.5.12  -      Affected
Freedesktop  Libdbus  1.5.0      -      Affected
Freedesktop  Libdbus  1.5.2      -      Affected
Freedesktop  Libdbus  1.5.4      -      Affected
Freedesktop  Libdbus  1.5.6      -      Affected
Freedesktop  Libdbus  1.5.8      -      Affected
Freedesktop  Libdbus  1.5.10     -      Affected