PT-2010-2883 · Red Hat+2 · Networkmanager+4

Colin Walters

Published

2010-08-10

Updated

2017-08-17

CVE-2010-1172

CVSS v2.0

3.6

Low

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions DBus-GLib version 0.73

Description The issue disregards the access flag of exported GObject properties, allowing local users to bypass intended access restrictions and possibly cause a denial of service by modifying properties. This is demonstrated by properties of services such as DeviceKit-Power, NetworkManager, and ModemManager.

Recommendations For DBus-GLib version 0.73, consider restricting access to the exported GObject properties to minimize the risk of exploitation until a patch is available.

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2010-1172

OPENSUSE-SU-2024:10280-1

RHSA-2010:0616

RHSA-2010_0616

Affected Products

Dbus-Glib

Devicekit-Power

Modemmanager

Networkmanager

Red Hat

PT-2010-2883 · Red Hat+2 · Networkmanager+4

CVE-2010-1172

Weakness Enumeration

Related Identifiers

Affected Products

References · 21