CVE-2012-3524

Freedesktop Libdbus < 1.5.12 - Access Control

Title source: rule

Description

libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: libdbus maintainers state that this is a vulnerability in the applications that do not cleanse environment variables, not in libdbus itself: "we do not support use of libdbus in setuid binaries that do not sanitize their environment before their first call into libdbus."

Exploits (1)

exploitdb WORKING POC

by Sebastian Krahmer · clocallinux

https://www.exploit-db.com/exploits/21323

View Code ZIP pw:eip

References (23)

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00009.html

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00015.html

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00000.html

[Mailing List] http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2012-1261.html

[Vendor Advisory] http://secunia.com/advisories/50537

[Third Party Advisory] http://secunia.com/advisories/50544

[Third Party Advisory] http://secunia.com/advisories/50710

[Exploit] http://stealth.openwall.net/null/dzug.c

[Exploit] http://www.exploit-db.com/exploits/21323

[Vendor Advisory] http://www.mandriva.com/security/advisories?name=MDVSA-2013:070

[Vendor Advisory] http://www.mandriva.com/security/advisories?name=MDVSA-2013:083

[Exploit] http://www.securityfocus.com/bid/55517

[Vendor Advisory] http://www.ubuntu.com/usn/USN-1576-1

[Vendor Advisory] http://www.ubuntu.com/usn/USN-1576-2

[Patch] https://bugs.freedesktop.org/show_bug.cgi?id=52202

[Issue Tracking] https://bugzilla.novell.com/show_bug.cgi?id=697105

[Issue Tracking] https://bugzilla.redhat.com/show_bug.cgi?id=847402

[Mailing List] http://www.openwall.com/lists/oss-security/2012/07/10/4

[Mailing List] http://www.openwall.com/lists/oss-security/2012/07/26/1

... and 3 more

Scores

EPSS 0.5238

EPSS Percentile 97.9%

Details

CWE

CWE-264

Status published

Products (7)

freedesktop/libdbus 1.5.0

freedesktop/libdbus 1.5.2

freedesktop/libdbus 1.5.4

freedesktop/libdbus 1.5.6

freedesktop/libdbus 1.5.8

freedesktop/libdbus 1.5.10

freedesktop/libdbus < 1.5.12

Published Sep 18, 2012

Tracked Since Feb 18, 2026