CVE-2005-0201

Published: 29 June 2005

D-BUS (dbus) before 0.22 does not properly restrict access to a socket, if the socket address is known, which allows local users to listen or send arbitrary messages on another user's per-user session bus via that socket.

Priority

Status

Package	Release	Status
dbus Launchpad, Ubuntu, Debian	dapper	Released (0.60-6ubuntu8.1)
	edgy	Released (0.93-0ubuntu3.1)
	feisty	Released (1.0.2-1ubuntu3)
	upstream	Needs triage
dbus-glib Launchpad, Ubuntu, Debian	dapper	Does not exist
	edgy	Released (0.71-1ubuntu1)
	feisty	Released (0.71-1ubuntu1)
	upstream	Needs triage
dbus-python Launchpad, Ubuntu, Debian	dapper	Does not exist
	edgy	Released (0.71-2ubuntu1)
	feisty	Released (0.71-2ubuntu1)
	upstream	Needs triage
dbus-qt3 Launchpad, Ubuntu, Debian	dapper	Does not exist
	edgy	Released (0.62.git.20060814-1)
	feisty	Released (0.62.git.20060814-1)
	upstream	Needs triage
dbus-sharp Launchpad, Ubuntu, Debian	dapper	Does not exist
	edgy	Released (0.63.git.20060719-2ubuntu1)
	feisty	Does not exist
	upstream	Needs triage

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

CVE-2005-0201

Priority

Status

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Further reading