CVE-2012-3524

Summary

CVE	CVE-2012-3524
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2012-09-18 17:55:00 UTC
Updated	2023-11-07 02:11:00 UTC
Description	libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: libdbus maintainers state that this is a vulnerability in the applications that do not cleanse environment variables, not in libdbus itself: "we do not support use of libdbus in setuid binaries that do not sanitize their environment before their first call into libdbus."

Risk And Classification

Problem Types: CWE-264

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Freedesktop	Libdbus	1.5.0	All	All	All
Application	Freedesktop	Libdbus	1.5.10	All	All	All
Application	Freedesktop	Libdbus	1.5.2	All	All	All
Application	Freedesktop	Libdbus	1.5.4	All	All	All
Application	Freedesktop	Libdbus	1.5.6	All	All	All
Application	Freedesktop	Libdbus	1.5.8	All	All	All
Application	Freedesktop	Libdbus	1.5.0	All	All	All
Application	Freedesktop	Libdbus	1.5.10	All	All	All
Application	Freedesktop	Libdbus	1.5.2	All	All	All
Application	Freedesktop	Libdbus	1.5.4	All	All	All
Application	Freedesktop	Libdbus	1.5.6	All	All	All
Application	Freedesktop	Libdbus	1.5.8	All	All	All
Application	Freedesktop	Libdbus	All	All	All	All

References

Reference	Source	Link	Tags
[security-announce] SUSE-SU-2012:1155-1: important: Security update for	SUSE	lists.opensuse.org
oss-security - libdbus CVE-2012-3524 fix	MLIST	www.openwall.com
Bug 697105 – VUL-0: CVE-2012-3524: libdbus using getenv() in suids	MISC	bugzilla.novell.com
Security Advisory SA50544 - Red Hat update for dbus - Secunia	SECUNIA	secunia.com
Security Alerts - Secunia	SECUNIA	secunia.com
openSUSE-SU-2012:1418-1: moderate: update for dbus-1, dbus-1-x11	SUSE	lists.opensuse.org
847402 – (CVE-2012-3524) CVE-2012-3524 dbus: privilege escalation when libdbus is used in setuid/setgid application	MISC	bugzilla.redhat.com
Red Hat Customer Portal	MISC	access.redhat.com
Red Hat Customer Portal	REDHAT	rhn.redhat.com
[security-announce] openSUSE-SU-2012:1287-1: important: update for dbus-	SUSE	lists.opensuse.org
CVE-2012-3524 - Red Hat Customer Portal	MISC	access.redhat.com
stealth.openwall.net/null/dzug.c	MISC	stealth.openwall.net	Exploit
USN-1576-2: DBus regressions \| Ubuntu	UBUNTU	www.ubuntu.com
oss-security - libdbus hardening	MLIST	www.openwall.com
[security-announce] SUSE-SU-2012:1155-2: important: Security update for	SUSE	lists.opensuse.org
USN-1576-1: DBus vulnerability \| Ubuntu	UBUNTU	www.ubuntu.com
oss-security - Re: libdbus hardening	MLIST	www.openwall.com
oss-security - Re: libdbus CVE-2012-3524 fix	MLIST	www.openwall.com
504 Gateway Time-out	BID	www.securityfocus.com	Exploit
Support / Security / Advisories / / MDVSA-2013:070 \| Mandriva	MANDRIVA	www.mandriva.com
libdbus 'DBUS_SYSTEM_BUS_ADDRESS' Local Privilege Escalation	EXPLOIT-DB	www.exploit-db.com	Exploit
Support / Security / Advisories / / MDVSA-2013:083 \| Mandriva	MANDRIVA	www.mandriva.com
Bug 52202 – document that setuid executables must clear their environment before using libdbus	CONFIRM	bugs.freedesktop.org	Patch
Security Alerts - Secunia	SECUNIA	secunia.com	Vendor Advisory
oss-security - Re: libdbus CVE-2012-3524 fix	MLIST	www.openwall.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.