CVE 2010-1172
DBus-GLib 0.73 disregards the access flag of exported GObject properties, which allows local users to bypass intended access restrictions and possibly cause a denial of service by modifying properties, as demonstrated by properties of the (1) DeviceKit-Power, (2) NetworkManager, and (3) ModemManager services.
Related bugs and status
CVE-2010-1172 (Candidate) is related to these bugs:
Bug #387345: NM does not memorize network activation state on suspend/resume or restart
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
387345 | NM does not memorize network activation state on suspend/resume or restart | network-manager (Ubuntu) | Wishlist | Fix Released | ||
387345 | NM does not memorize network activation state on suspend/resume or restart | NetworkManager | Medium | Fix Released | ||
387345 | NM does not memorize network activation state on suspend/resume or restart | Linux | Medium | Fix Released |
Bug #447067: Network Connections window says I've "Never" used the wired connection I'm using right now
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
447067 | Network Connections window says I've "Never" used the wired connection I'm using right now | network-manager (Ubuntu) | Low | Fix Released |
Bug #458595: NetworkManager VPN Openconnect (Cisco) doesn't ask for password
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
458595 | NetworkManager VPN Openconnect (Cisco) doesn't ask for password | dbus (Ubuntu) | Undecided | Invalid | ||
458595 | NetworkManager VPN Openconnect (Cisco) doesn't ask for password | network-manager (Ubuntu) | Medium | Fix Released | ||
458595 | NetworkManager VPN Openconnect (Cisco) doesn't ask for password | dbus (Ubuntu Maverick) | Undecided | Invalid | ||
458595 | NetworkManager VPN Openconnect (Cisco) doesn't ask for password | network-manager (Ubuntu Maverick) | Medium | Fix Released |
Bug #616517: CVE-2010-1172 dbus-glib: property access not validated
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
616517 | CVE-2010-1172 dbus-glib: property access not validated | dbus-glib (Ubuntu) | Medium | Fix Released | ||
616517 | CVE-2010-1172 dbus-glib: property access not validated | dbus-glib (Fedora) | Medium | Fix Released | ||
616517 | CVE-2010-1172 dbus-glib: property access not validated | dbus-glib (Debian) | Unknown | Fix Released | ||
616517 | CVE-2010-1172 dbus-glib: property access not validated | dbus-glib (Ubuntu Hardy) | Medium | Fix Released | ||
616517 | CVE-2010-1172 dbus-glib: property access not validated | dbus-glib (Ubuntu Karmic) | Medium | Won't Fix | ||
616517 | CVE-2010-1172 dbus-glib: property access not validated | dbus-glib (Ubuntu Lucid) | Medium | Fix Released | ||
616517 | CVE-2010-1172 dbus-glib: property access not validated | network-manager (Ubuntu) | Undecided | Fix Released | ||
616517 | CVE-2010-1172 dbus-glib: property access not validated | network-manager (Ubuntu Hardy) | Undecided | Fix Released | ||
616517 | CVE-2010-1172 dbus-glib: property access not validated | network-manager (Ubuntu Karmic) | Undecided | Won't Fix | ||
616517 | CVE-2010-1172 dbus-glib: property access not validated | network-manager (Ubuntu Lucid) | Undecided | Fix Released | ||
616517 | CVE-2010-1172 dbus-glib: property access not validated | modemmanager (Ubuntu) | Undecided | Fix Released | ||
616517 | CVE-2010-1172 dbus-glib: property access not validated | modemmanager (Ubuntu Hardy) | Undecided | Invalid | ||
616517 | CVE-2010-1172 dbus-glib: property access not validated | modemmanager (Ubuntu Karmic) | Undecided | Won't Fix | ||
616517 | CVE-2010-1172 dbus-glib: property access not validated | modemmanager (Ubuntu Lucid) | Undecided | Fix Released |
Bug #662791: modem-manager writes to log every 2 seconds
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
662791 | modem-manager writes to log every 2 seconds | modemmanager (Ubuntu) | Medium | Fix Released |
Bug #673457: modem-manager spams syslog with statistics
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
673457 | modem-manager spams syslog with statistics | modemmanager (Ubuntu) | Undecided | Fix Released |
Bug #686418: modemmanager prevents Gobi 2000 firmware loading
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
686418 | modemmanager prevents Gobi 2000 firmware loading | modemmanager (Ubuntu) | High | Fix Released | ||
686418 | modemmanager prevents Gobi 2000 firmware loading | modemmanager (Ubuntu Natty) | High | Fix Released |
See the
CVE page on Mitre.org
for more details.