RSS   Vulnerabilities for 'Enterprise linux desktop'   RSS

2008-02-29
 
CVE-2008-0595

CWE-264
 

 
dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a method call with a NULL interface.

 

 >>> Vendor: Red hat 10 Products
Enterprise linux
Enterprise linux desktop
Enterprise linux desktop workstation
Directory server
Fedora directory server
Network satellite server
Linux kernel
Enterprise linux kernel
Fedora core
Network satellite


Copyright 2019, cxsecurity.com

 

Back to Top