CVE-2019-12749
Summary
| CVE | CVE-2019-12749 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2019-06-11 17:29:00 UTC |
|---|
| Updated | 2023-11-07 03:03:00 UTC |
|---|
| Description | dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid, allowing authentication bypass. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| oss-security - CVE-2019-12749: DBusServer DBUS_COOKIE_SHA1 authentication bypass |
MISC |
www.openwall.com |
Mailing List, Third Party Advisory |
| [SECURITY] Fedora 30 Update: dbus-1.12.16-1.fc30 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| [security-announce] openSUSE-SU-2019:1671-1: important: Security update |
SUSE |
lists.opensuse.org |
|
| Red Hat Customer Portal |
REDHAT |
access.redhat.com |
|
| D-Bus: Authentication bypass (GLSA 201909-08) — Gentoo security |
GENTOO |
security.gentoo.org |
|
| Red Hat Customer Portal |
REDHAT |
access.redhat.com |
|
| oss-security - CVE-2019-12749: DBusServer DBUS_COOKIE_SHA1 authentication bypass |
MLIST |
www.openwall.com |
Mailing List, Mitigation, Third Party Advisory |
| [security-announce] openSUSE-SU-2019:1750-1: important: Security update |
SUSE |
lists.opensuse.org |
|
| Red Hat Customer Portal |
REDHAT |
access.redhat.com |
|
| [security-announce] openSUSE-SU-2019:1604-1: important: Security update |
SUSE |
lists.opensuse.org |
|
| [SECURITY] Fedora 30 Update: dbus-1.12.16-1.fc30 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| [SECURITY] [DLA 1818-1] dbus security update |
MLIST |
lists.debian.org |
|
| Red Hat Customer Portal |
REDHAT |
access.redhat.com |
|
| USN-4015-2: DBus vulnerability | Ubuntu security notices |
UBUNTU |
usn.ubuntu.com |
|
| Bugtraq: [SECURITY] [DSA 4462-1] dbus security update |
BUGTRAQ |
seclists.org |
|
| Debian -- Security Information -- DSA-4462-1 dbus |
DEBIAN |
www.debian.org |
|
| USN-4015-1: DBus vulnerability | Ubuntu security notices |
UBUNTU |
usn.ubuntu.com |
Third Party Advisory |
| Malformed Request |
BID |
www.securityfocus.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 296078 Oracle Solaris 11.4 Support Repository Update (SRU) 16.4.0 Missing (CPUOCT2019)
- 354106 Amazon Linux Security Advisory for dbus : ALAS2-2022-1870
- 377142 Alibaba Cloud Linux Security Update for dbus (ALINUX3-SA-2022:0097)
- 377544 Alibaba Cloud Linux Security Update for dbus (ALINUX2-SA-2020:0155)
- 378281 Virtuozzo Linux Security Update for dbus-libs (VZLSA-2019:1726)
- 500143 Alpine Linux Security Update for dbus
- 503793 Alpine Linux Security Update for dbus
- 710124 Gentoo Linux D-Bus Authentication bypass Vulnerability (GLSA 201909-08)
- 900170 CBL-Mariner Linux Security Update for dbus 1.13.6
- 901112 Common Base Linux Mariner (CBL-Mariner) Security Update for dbus (6371-1)
- 902911 Common Base Linux Mariner (CBL-Mariner) Security Update for dbus (2665)
