Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Ubuntu 14.04 ESM: USN-4015-2 Critical: Dbus Access Issue

Calendar Jun 12, 2019 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory Ubuntu authentication issue system update unintended access DBus sudo access
DBus could allow unintended access to services. 
=========================================================================Ubuntu Security Notice USN-4015-2
June 12, 2019

dbus vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM

Summary:

DBus could allow unintended access to services.

Software Description:
- dbus: simple interprocess messaging system

Details:

USN-4015-1 fixed a vulnerability in DBus. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Original advisory details:

 Joe Vennix discovered that DBus incorrectly handled DBUS_COOKIE_SHA1
 authentication. A local attacker could possibly use this issue to bypass
 authentication and connect to DBus servers with elevated privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 ESM:
  dbus                            1.6.18-0ubuntu4.5+esm1
  libdbus-1-3                     1.6.18-0ubuntu4.5+esm1

Ubuntu 12.04 ESM:
  dbus                            1.4.18-1ubuntu1.9
  libdbus-1-3                     1.4.18-1ubuntu1.9

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4015-2
  https://ubuntu.com/security/notices/USN-4015-1
  CVE-2019-12749

Ubuntu 14.04 ESM: USN-4015-2 Critical: Dbus Access Issue

ubuntu
Calendar Grey June 12, 2019
Dist Ubuntu Esm H88
A flaw in DBus permits unauthorized entry to services on various Ubuntu versions. Check the advisory for further insights.
DBus could allow unintended access to services.

Summary

Topics%20covered

Topics Covered

security advisory Ubuntu authentication issue system update unintended access DBus sudo access

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: dbus 1.6.18-0ubuntu4.5+esm1 libdbus-1-3 1.6.18-0ubuntu4.5+esm1 Ubuntu 12.04 ESM: dbus 1.4.18-1ubuntu1.9 libdbus-1-3 1.4.18-1ubuntu1.9 After a standard system update you need to reboot your computer to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4015-2

https://ubuntu.com/security/notices/USN-4015-1

CVE-2019-12749

Severity
critical
Lowest
Low
Medium
High
Critical

June 12, 2019

Topics%20covered

Topics Covered

security advisory Ubuntu authentication issue system update unintended access DBus sudo access

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here