PT-2010-2883 · Red Hat+2 · Networkmanager+4

Colin Walters

Publicado

2010-08-10

Atualizado

2017-08-17

CVE-2010-1172

CVSS v2.0

3.6

Baixa

Vetor

AV:L/AC:L/Au:N/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions DBus-GLib version 0.73

Description The issue disregards the access flag of exported GObject properties, allowing local users to bypass intended access restrictions and possibly cause a denial of service by modifying properties. This is demonstrated by properties of services such as DeviceKit-Power, NetworkManager, and ModemManager.

Recommendations For DBus-GLib version 0.73, consider restricting access to the exported GObject properties to minimize the risk of exploitation until a patch is available.

Correção

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2010-1172

OPENSUSE-SU-2024:10280-1

RHSA-2010:0616

RHSA-2010_0616

Produtos afetados

Dbus-Glib

Devicekit-Power

Modemmanager

Networkmanager

Red Hat

PT-2010-2883 · Red Hat+2 · Networkmanager+4

CVE-2010-1172

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 21