{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-10-06T00:00:00", "descriptions": [{"lang": "en", "value": "The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "MDVSA-2008:213", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:213"}, {"name": "DSA-1658", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1658"}, {"name": "31602", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/31602"}, {"name": "openSUSE-SU-2012:1418", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=17803"}, {"name": "1021063", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1021063"}, {"name": "dbus-dbusvalidatesignaturewithreason-dos(45701)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45701"}, {"name": "7822", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/7822"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3834"}, {"name": "32385", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32385"}, {"name": "SUSE-SR:2008:027", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html"}, {"name": "32281", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32281"}, {"name": "FEDORA-2008-8764", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00298.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.freedesktop.org/wiki/Software/dbus#head-dad0dab297a44f1d7a3b1259cfc06b583fd6a88a"}, {"name": "32230", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32230"}, {"name": "oval:org.mitre.oval:def:10253", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10253"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"}, {"name": "ADV-2008-2762", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2762"}, {"name": "33396", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/33396"}, {"name": "32127", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32127"}, {"name": "RHSA-2009:0008", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2009-0008.html"}, {"name": "USN-653-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-653-1"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T09:53:00.382Z"}, "title": "CVE Program Container", "references": [{"name": "MDVSA-2008:213", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:213"}, {"name": "DSA-1658", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2008/dsa-1658"}, {"name": "31602", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/31602"}, {"name": "openSUSE-SU-2012:1418", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=17803"}, {"name": "1021063", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1021063"}, {"name": "dbus-dbusvalidatesignaturewithreason-dos(45701)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45701"}, {"name": "7822", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/7822"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3834"}, {"name": "32385", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32385"}, {"name": "SUSE-SR:2008:027", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html"}, {"name": "32281", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32281"}, {"name": "FEDORA-2008-8764", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00298.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.freedesktop.org/wiki/Software/dbus#head-dad0dab297a44f1d7a3b1259cfc06b583fd6a88a"}, {"name": "32230", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32230"}, {"name": "oval:org.mitre.oval:def:10253", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10253"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"}, {"name": "ADV-2008-2762", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2762"}, {"name": "33396", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/33396"}, {"name": "32127", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32127"}, {"name": "RHSA-2009:0008", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2009-0008.html"}, {"name": "USN-653-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-653-1"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2008-3834", "datePublished": "2008-10-07T19:00:00", "dateReserved": "2008-08-27T00:00:00", "dateUpdated": "2024-08-07T09:53:00.382Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:freedesktop:dbus:*:*:*:*:*:*:*:*", "matchCriteriaId": "F812F6E2-0AFD-43E7-B41B-E42A40F7B9B1", "versionEndIncluding": "1.1.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "1A2945FB-BDB8-49B7-BA9A-2BB390345FED", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "0FE08E05-948A-4A9C-BA91-B2935355D3CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "CB0A3D5A-8823-4365-83B9-1E370C131F3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "E6262F9B-30B5-4A7E-AC49-B9221B06CA4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "C2F4A579-8F26-47CF-9AE0-41334A9751AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "E12E1141-5FE4-43BF-B3A0-DC45C593F880", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "B04817C0-14A2-4B75-8747-691D48E70BAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "09C8C79E-AE58-48AE-89DB-E84637543783", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.9:*:*:*:*:*:*:*", "matchCriteriaId": "ED4ECF06-79CC-4142-BE6A-AF4E1E981543", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.10:*:*:*:*:*:*:*", "matchCriteriaId": "A87CC329-AF59-4882-82E1-851C4E0BB0B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.11:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA4ACC-9166-491C-A8D4-A5418F3B0965", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.12:*:*:*:*:*:*:*", "matchCriteriaId": "084A8212-B0FC-41BA-9532-080E8F92B949", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.13:*:*:*:*:*:*:*", "matchCriteriaId": "0EB88CDF-0C71-4FE7-9210-C43EBE806416", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.20:*:*:*:*:*:*:*", "matchCriteriaId": "0D84E94E-18EB-4276-AF55-2FB9850B08CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.21:*:*:*:*:*:*:*", "matchCriteriaId": "0C6D0AAC-7F4B-48FF-9ACB-8C8844BDD722", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.22:*:*:*:*:*:*:*", "matchCriteriaId": "5FD40B16-FF56-4C23-B8A9-D79433713F35", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.23:*:*:*:*:*:*:*", "matchCriteriaId": "C5A81FE8-37A0-46CE-AAA4-F00CF4122C71", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.23.1:*:*:*:*:*:*:*", "matchCriteriaId": "D8815B87-7910-4E41-AB28-AEAD9F53475A", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.23.2:*:*:*:*:*:*:*", "matchCriteriaId": "DCEF7E9B-3F19-48CF-862B-B5935824A4C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.23.3:*:*:*:*:*:*:*", "matchCriteriaId": "1FB32F7B-8616-40F5-8D94-4FC97F6AD958", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.31:*:*:*:*:*:*:*", "matchCriteriaId": "4EC42FAD-C541-4D91-BDF6-62AA1C894B42", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.32:*:*:*:*:*:*:*", "matchCriteriaId": "FAECF21B-68AF-47D8-9540-BB0001087881", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.33:*:*:*:*:*:*:*", "matchCriteriaId": "30D0DE09-5F83-423B-AD86-033005D35994", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.34:*:*:*:*:*:*:*", "matchCriteriaId": "D6618ACC-B506-4A92-BE4F-346FAC29D24F", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.35:*:*:*:*:*:*:*", "matchCriteriaId": "BB406736-7185-4E0A-ACC6-4F79AB312FA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.35.1:*:*:*:*:*:*:*", "matchCriteriaId": "18867CA7-E4AE-4312-A6E8-0CC514FCF063", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.35.2:*:*:*:*:*:*:*", "matchCriteriaId": "5C443F3D-5BD0-4E89-99F1-1BC0798666F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.36:*:*:*:*:*:*:*", "matchCriteriaId": "2DA75AB4-4ADF-4E42-8840-B044DC4D9FFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.36.1:*:*:*:*:*:*:*", "matchCriteriaId": "D809A431-7BA6-4C9F-8644-33A14389B289", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.36.2:*:*:*:*:*:*:*", "matchCriteriaId": "732CD552-3E19-4389-B426-77D5B473866F", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.50:*:*:*:*:*:*:*", "matchCriteriaId": "1702AE33-38F4-40C5-B448-C863A7E95553", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.61:*:*:*:*:*:*:*", "matchCriteriaId": "2392266A-BE81-4494-81C3-942ED56B0558", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.62:*:*:*:*:*:*:*", "matchCriteriaId": "BCCA6868-E09D-4616-A9A8-EF63F20C981D", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "60B6DA02-F08B-4ACE-8F93-F869467BC628", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "3B4E7E9B-722E-4EE1-A435-906DE07BEB2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "BEF4902A-5598-42B7-8BB0-E9F8AB645D59", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "B8671706-FC4E-4485-945C-C397C80D859E", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "FA34903A-9D38-46FF-B702-D6BEECA96031", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "39753912-8A2D-49B0-B90B-43DAF723B34A", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus1.0:rc1:*:*:*:*:*:*:*", "matchCriteriaId": "FD645A12-104C-492E-88DF-564F5243908C", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus1.0:rc2:*:*:*:*:*:*:*", "matchCriteriaId": "C8155853-ABF6-44D0-AC28-F57A3F31674A", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus1.0:rc3:*:*:*:*:*:*:*", "matchCriteriaId": "6C7B4067-5BE5-49AE-8118-9E5D0A09BBA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:freedesktop:dbus1.1.0:*:*:*:*:*:*:*:*", "matchCriteriaId": "B10EE142-34F2-4BF3-A51A-5A6741F6C2E2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error."}, {"lang": "es", "value": "La funci\u00f3n dbus_signature_validat en la librer\u00eda D-bus (libdbus), versiones anteriores a 1.2.4, permite a los atacantes remotos causar una denegaci\u00f3n de servicios (aplicaci\u00f3n suspendida) a trav\u00e9s de un mensaje que contiene una firma mal formada, el cual lanza un error assertion."}], "id": "CVE-2008-3834", "lastModified": "2017-09-29T01:31:52.960", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-10-07T21:01:52.150", "references": [{"source": "secalert@redhat.com", "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/32127"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/32230"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/32281"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/32385"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/33396"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2008/dsa-1658"}, {"source": "secalert@redhat.com", "url": "http://www.freedesktop.org/wiki/Software/dbus#head-dad0dab297a44f1d7a3b1259cfc06b583fd6a88a"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:213"}, {"source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-0008.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/31602"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1021063"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/usn-653-1"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2008/2762"}, {"source": "secalert@redhat.com", "url": "https://bugs.freedesktop.org/show_bug.cgi?id=17803"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3834"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45701"}, {"source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10253"}, {"source": "secalert@redhat.com", "url": "https://www.exploit-db.com/exploits/7822"}, {"source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00298.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2009:0008", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "dbus-0:1.0.0-7.el5_2.1", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2009-01-07T00:00:00Z"}], "bugzilla": {"description": "dbus denial of service", "id": "464674", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=464674"}, "csaw": false, "details": ["The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error."], "name": "CVE-2008-3834", "public_date": "2008-09-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2008-3834\nhttps://nvd.nist.gov/vuln/detail/CVE-2008-3834"], "threat_severity": "Moderate"}