CVE-2014-3639

Published Sep 22, 2014

Last updated 3 months ago

CVSS info 2.1

Overview

Description: The dbus-daemon in D-Bus before 1.6.24 and 1.8.x before 1.8.8 does not properly close old connections, which allows local users to cause a denial of service (incomplete connection consumption and prevention of new connections) via a large number of incomplete connections.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Evaluator

Comment: <a href="http://cwe.mitre.org/data/definitions/774.html">CWE-774: Allocation of File Descriptors or Handles Without Limits or Throttling</a>
Impact: -
Solution: -

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:d-bus_project:d-bus:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CFAD9C82-0893-47DE-9BE4-7D97EF6E1441",
            "versionEndIncluding": "1.6.22"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A772FA8-668B-45AC-9813-0B5ADCE91DD6"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E155EB75-8D98-4469-98CB-81A40ABF0D9C"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D6AF8D8-6A4E-4A42-A738-84690B6F9FDC"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E598FE36-ABEB-4682-950A-E462CC780F82"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.6.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE224CED-410C-43D8-9220-0AEF5EB49C8D"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.6.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A24ED739-0B39-4A70-B7E0-8A859759233D"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.6.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F89DEA95-DFB8-4D75-BE65-A477972D143E"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.6.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76BCD0D9-4F06-46E7-8734-AAEE28DD1631"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.6.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C22CA4E4-458D-465A-8272-473055A608EB"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.6.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8133A184-FC2E-41AC-B2C2-EFD819B011FC"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.6.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D5009D1-BDA4-4DFC-A629-07144BDAEC93"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9AB63C07-1022-4EEE-B419-4E0A80AE64A5"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.8.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68B161B9-7385-4C0B-AC4D-1145E1004B74"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.8.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6DD6AAFC-C18F-4AF5-B8D1-82F85F8421DC"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:1.8.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A214F572-0572-426B-979C-22EB3A43ED6F"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Evaluator

Configurations

References