Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Ubuntu 12.10: USN-1753-1 Moderate: DBus-GLib Privilege Escalation

Calendar Feb 27, 2013 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory privilege escalation moderate severity ubuntu dbus-glib
An attacker could send crafted input to applications using DBus-GLib and possibly escalate privileges. 
=========================================================================Ubuntu Security Notice USN-1753-1
February 27, 2013

dbus-glib vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 10.04 LTS

Summary:

An attacker could send crafted input to applications using DBus-GLib and
possibly escalate privileges.

Software Description:
- dbus-glib: simple interprocess messaging system

Details:

Sebastian Krahmer and Bastien Nocera discovered that DBus-GLib did not
properly validate the message sender when the "NameOwnerChanged" signal was
received. A local attacker could possibly use this issue to escalate their
privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
  libdbus-glib-1-2                0.100-1ubuntu0.1

Ubuntu 12.04 LTS:
  libdbus-glib-1-2                0.98-1ubuntu1.1

Ubuntu 11.10:
  libdbus-glib-1-2                0.94-4ubuntu0.1

Ubuntu 10.04 LTS:
  libdbus-glib-1-2                0.84-1ubuntu0.3

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
  
  CVE-2013-0292

Package Information:
  https://launchpad.net/ubuntu/+source/dbus-glib/0.100-1ubuntu0.1
  https://launchpad.net/ubuntu/+source/dbus-glib/0.98-1ubuntu1.1
  https://launchpad.net/ubuntu/+source/dbus-glib/0.94-4ubuntu0.1
  https://launchpad.net/ubuntu/+source/dbus-glib/0.84-1ubuntu0.3

Ubuntu 12.10: USN-1753-1 Moderate: DBus-GLib Privilege Escalation

ubuntu
Calendar Grey February 27, 2013
Dist Ubuntu Esm H88
The Ubuntu Security Notice USN-1753-2 addresses a vulnerability in the NetworkManager that may permit unauthorized users to gain elevated access.
An attacker could send crafted input to applications using DBus-GLib and possibly escalate privileges.

Summary

Topics%20covered

Topics Covered

security advisory privilege escalation moderate severity ubuntu dbus-glib

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 12.10: libdbus-glib-1-2 0.100-1ubuntu0.1 Ubuntu 12.04 LTS: libdbus-glib-1-2 0.98-1ubuntu1.1 Ubuntu 11.10: libdbus-glib-1-2 0.94-4ubuntu0.1 Ubuntu 10.04 LTS: libdbus-glib-1-2 0.84-1ubuntu0.3 After a standard system update you need to reboot your computer to make all the necessary changes.

References

CVE-2013-0292

Severity
important
Lowest
Low
Medium
High
Critical

February 27, 2013

Topics%20covered

Topics Covered

security advisory privilege escalation moderate severity ubuntu dbus-glib

Package Information

https://launchpad.net/ubuntu/+source/dbus-glib/0.100-1ubuntu0.1 https://launchpad.net/ubuntu/+source/dbus-glib/0.98-1ubuntu1.1 https://launchpad.net/ubuntu/+source/dbus-glib/0.94-4ubuntu0.1 https://launchpad.net/ubuntu/+source/dbus-glib/0.84-1ubuntu0.3

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here