Launchpad CVE tracker

CVE 2010-1172

DBus-GLib 0.73 disregards the access flag of exported GObject properties, which allows local users to bypass intended access restrictions and possibly cause a denial of service by modifying properties, as demonstrated by properties of the (1) DeviceKit-Power, (2) NetworkManager, and (3) ModemManager services.

Related bugs and status

CVE-2010-1172 (Candidate) is related to these bugs:

Bug #387345: NM does not memorize network activation state on suspend/resume or restart

		In	Importance	Status
387345	NM does not memorize network activation state on suspend/resume or restart	network-manager (Ubuntu)	Wishlist	Fix Released
387345	NM does not memorize network activation state on suspend/resume or restart	NetworkManager	Medium	Fix Released
387345	NM does not memorize network activation state on suspend/resume or restart	Linux	Medium	Fix Released

Bug #447067: Network Connections window says I've "Never" used the wired connection I'm using right now

Summary				In	Importance	Status
	447067	Network Connections window says I've "Never" used the wired connection I'm using right now		network-manager (Ubuntu)	Low	Fix Released

Bug #458595: NetworkManager VPN Openconnect (Cisco) doesn't ask for password

		In	Importance	Status
458595	NetworkManager VPN Openconnect (Cisco) doesn't ask for password	dbus (Ubuntu)	Undecided	Invalid
458595	NetworkManager VPN Openconnect (Cisco) doesn't ask for password	network-manager (Ubuntu)	Medium	Fix Released
458595	NetworkManager VPN Openconnect (Cisco) doesn't ask for password	dbus (Ubuntu Maverick)	Undecided	Invalid
458595	NetworkManager VPN Openconnect (Cisco) doesn't ask for password	network-manager (Ubuntu Maverick)	Medium	Fix Released

Bug #616517: CVE-2010-1172 dbus-glib: property access not validated

		In	Importance	Status
616517	CVE-2010-1172 dbus-glib: property access not validated	dbus-glib (Ubuntu)	Medium	Fix Released
616517	CVE-2010-1172 dbus-glib: property access not validated	dbus-glib (Fedora)	Medium	Fix Released
616517	CVE-2010-1172 dbus-glib: property access not validated	dbus-glib (Debian)	Unknown	Fix Released
616517	CVE-2010-1172 dbus-glib: property access not validated	dbus-glib (Ubuntu Hardy)	Medium	Fix Released
616517	CVE-2010-1172 dbus-glib: property access not validated	dbus-glib (Ubuntu Karmic)	Medium	Won't Fix
616517	CVE-2010-1172 dbus-glib: property access not validated	dbus-glib (Ubuntu Lucid)	Medium	Fix Released
616517	CVE-2010-1172 dbus-glib: property access not validated	network-manager (Ubuntu)	Undecided	Fix Released
616517	CVE-2010-1172 dbus-glib: property access not validated	network-manager (Ubuntu Hardy)	Undecided	Fix Released
616517	CVE-2010-1172 dbus-glib: property access not validated	network-manager (Ubuntu Karmic)	Undecided	Won't Fix
616517	CVE-2010-1172 dbus-glib: property access not validated	network-manager (Ubuntu Lucid)	Undecided	Fix Released
616517	CVE-2010-1172 dbus-glib: property access not validated	modemmanager (Ubuntu)	Undecided	Fix Released
616517	CVE-2010-1172 dbus-glib: property access not validated	modemmanager (Ubuntu Hardy)	Undecided	Invalid
616517	CVE-2010-1172 dbus-glib: property access not validated	modemmanager (Ubuntu Karmic)	Undecided	Won't Fix
616517	CVE-2010-1172 dbus-glib: property access not validated	modemmanager (Ubuntu Lucid)	Undecided	Fix Released

Bug #662791: modem-manager writes to log every 2 seconds

Summary				In	Importance	Status
	662791	modem-manager writes to log every 2 seconds		modemmanager (Ubuntu)	Medium	Fix Released

Bug #673457: modem-manager spams syslog with statistics

Summary				In	Importance	Status
	673457	modem-manager spams syslog with statistics		modemmanager (Ubuntu)	Undecided	Fix Released

Bug #686418: modemmanager prevents Gobi 2000 firmware loading

Summary				In	Importance	Status
	686418	modemmanager prevents Gobi 2000 firmware loading		modemmanager (Ubuntu)	High	Fix Released
	686418	modemmanager prevents Gobi 2000 firmware loading		modemmanager (Ubuntu Natty)	High	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2010-1172

References