Vulnerability Name:

CVE-2011-2200 (CCN-67974)

Assigned:2011-06-09
Published:2011-06-09
Updated:2017-08-29
Summary:The _dbus_header_byteswap function in dbus-marshal-header.c in D-Bus (aka DBus) 1.2.x before 1.2.28, 1.4.x before 1.4.12, and 1.5.x before 1.5.4 does not properly handle a non-native byte order, which allows local users to cause a denial of service (connection loss), obtain potentially sensitive information, or conduct unspecified state-modification attacks via crafted messages.
CVSS v3 Severity:4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
3.5 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:TF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:TF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
2.1 Low (REDHAT CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
1.6 Low (REDHAT Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:TF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-20
Vulnerability Consequences:Denial of Service
References:Source: CONFIRM
Type: UNKNOWN
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629938

Source: CONFIRM
Type: Patch
http://cgit.freedesktop.org/dbus/dbus/commit/?h=dbus-1.2&id=6519a1f77c61d753d4c97efd6e15630eb275336e

Source: CONFIRM
Type: Patch
http://cgit.freedesktop.org/dbus/dbus/commit/?h=dbus-1.4&id=c3223ba6c401ba81df1305851312a47c485e6cd7

Source: CONFIRM
Type: Patch
http://cgit.freedesktop.org/dbus/dbus/tree/NEWS?h=dbus-1.2

Source: CONFIRM
Type: UNKNOWN
http://cgit.freedesktop.org/dbus/dbus/tree/NEWS?h=dbus-1.4

Source: MITRE
Type: CNA
CVE-2011-2200

Source: CCN
Type: freedesktop Web site
D-Bus Tutorial

Source: CONFIRM
Type: UNKNOWN
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

Source: MLIST
Type: UNKNOWN
[dbus] 20070317 D-Bus daemon endianness issue

Source: MLIST
Type: UNKNOWN
[dbus] 20110530 D-Bus daemon big and little endian issue

Source: MLIST
Type: Patch
[oss-security] 20110612 CVE Request -- dbus -- Local DoS via messages with non-native byte order

Source: MLIST
Type: UNKNOWN
[oss-security] 20110612 Bug#629938: Info received (CVE Request -- dbus -- Local DoS via messages with non-native byte order)

Source: MLIST
Type: Patch
[oss-security] 20110613 Re: CVE Request -- dbus -- Local DoS via messages with non-native byte order

Source: CCN
Type: RHSA-2011-1132
Moderate: dbus security update

Source: CCN
Type: SA44896
D-Bus Message Byte Order Denial of Service Weakness

Source: SECUNIA
Type: Vendor Advisory
44896

Source: CCN
Type: OSVDB ID: 72896
D-Bus dbus-marshal-header.c _dbus_header_byteswap Function Message Byte Order Local DoS

Source: REDHAT
Type: UNKNOWN
RHSA-2011:1132

Source: CCN
Type: BID-48216
D-Bus Message Byte Order Denial of Service Vulnerability

Source: CCN
Type: FreeDesktop Bugzilla Bug 38120
byteswapping a message doesn't change the byte-order mark

Source: CONFIRM
Type: UNKNOWN
https://bugs.freedesktop.org/show_bug.cgi?id=38120

Source: CONFIRM
Type: Patch
https://bugzilla.redhat.com/show_bug.cgi?id=712676

Source: XF
Type: UNKNOWN
dbus-nonnative-dos(67974)

Source: XF
Type: UNKNOWN
dbus-nonnative-dos(67974)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:d-bus_project:d-bus:1.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:d-bus_project:d-bus:1.5.2:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:d-bus_project:d-bus:1.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:d-bus_project:d-bus:1.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:d-bus_project:d-bus:1.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:d-bus_project:d-bus:1.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:d-bus_project:d-bus:1.4.8:*:*:*:*:*:*:*
  • OR cpe:/a:d-bus_project:d-bus:1.4.10:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/a:d-bus_project:d-bus:1.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:d-bus_project:d-bus:1.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:d-bus_project:d-bus:1.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:d-bus_project:d-bus:1.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:d-bus_project:d-bus:1.2.4.2:*:*:*:*:*:*:permissive
  • OR cpe:/a:d-bus_project:d-bus:1.2.4.4:*:*:*:*:*:*:permissive
  • OR cpe:/a:d-bus_project:d-bus:1.2.4.6:*:*:*:*:*:*:permissive
  • OR cpe:/a:d-bus_project:d-bus:1.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:d-bus_project:d-bus:1.2.8:*:*:*:*:*:*:*
  • OR cpe:/a:d-bus_project:d-bus:1.2.10:*:*:*:*:*:*:*
  • OR cpe:/a:d-bus_project:d-bus:1.2.12:*:*:*:*:*:*:*
  • OR cpe:/a:d-bus_project:d-bus:1.2.14:*:*:*:*:*:*:*
  • OR cpe:/a:d-bus_project:d-bus:1.2.16:*:*:*:*:*:*:*
  • OR cpe:/a:d-bus_project:d-bus:1.2.18:*:*:*:*:*:*:*
  • OR cpe:/a:d-bus_project:d-bus:1.2.20:*:*:*:*:*:*:*
  • OR cpe:/a:d-bus_project:d-bus:1.2.22:*:*:*:*:*:*:*
  • OR cpe:/a:d-bus_project:d-bus:1.2.24:*:*:*:*:*:*:*
  • OR cpe:/a:d-bus_project:d-bus:1.2.26:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20112200
    V
    		CVE-2011-2200
    2022-05-20
    oval:org.mitre.oval:def:13734
    P
    		USN-1176-1 -- dbus vulnerability
    2014-06-30
    oval:org.mitre.oval:def:23558
    P
    		ELSA-2011:1132: dbus security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:22095
    P
    		RHSA-2011:1132: dbus security update (Moderate)
    2014-02-24
    oval:com.redhat.rhsa:def:20111132
    P
    		RHSA-2011:1132: dbus security update (Moderate)
    2011-08-09
    BACK
    d-bus_project d-bus 1.5.0
    d-bus_project d-bus 1.5.2
    d-bus_project d-bus 1.4.0
    d-bus_project d-bus 1.4.1
    d-bus_project d-bus 1.4.4
    d-bus_project d-bus 1.4.6
    d-bus_project d-bus 1.4.8
    d-bus_project d-bus 1.4.10
    d-bus_project d-bus 1.2.1
    d-bus_project d-bus 1.2.2
    d-bus_project d-bus 1.2.3
    d-bus_project d-bus 1.2.4
    d-bus_project d-bus 1.2.4.2
    d-bus_project d-bus 1.2.4.4
    d-bus_project d-bus 1.2.4.6
    d-bus_project d-bus 1.2.6
    d-bus_project d-bus 1.2.8
    d-bus_project d-bus 1.2.10
    d-bus_project d-bus 1.2.12
    d-bus_project d-bus 1.2.14
    d-bus_project d-bus 1.2.16
    d-bus_project d-bus 1.2.18
    d-bus_project d-bus 1.2.20
    d-bus_project d-bus 1.2.22
    d-bus_project d-bus 1.2.24
    d-bus_project d-bus 1.2.26