Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
2.1
CVSSv2

CVE-2014-3639

Published: 22/09/2014 Updated: 27/12/2023
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Opensuse

Vulnerability Summary

The dbus-daemon in D-Bus prior to 1.6.24 and 1.8.x prior to 1.8.8 does not properly close old connections, which allows local users to cause a denial of service (incomplete connection consumption and prevention of new connections) via a large number of incomplete connections.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

opensuse opensuse 12.3

d-bus project d-bus

freedesktop dbus 1.6.4

freedesktop dbus 1.6.0

freedesktop dbus 1.8.0

freedesktop dbus 1.6.20

freedesktop dbus 1.6.10

freedesktop dbus 1.6.12

freedesktop dbus 1.6.16

freedesktop dbus 1.6.8

freedesktop dbus 1.6.14

freedesktop dbus 1.6.6

freedesktop dbus 1.8.6

freedesktop dbus 1.6.18

freedesktop dbus 1.8.4

freedesktop dbus 1.8.2

freedesktop dbus 1.6.2

Vendor Advisories

Ubuntu Security Notice: dbus vulnerabilities
Several security issues were fixed in DBus ...
Debian Security Advisories: DSA-3026-1 dbus -- security update
Alban Crequy and Simon McVittie discovered several vulnerabilities in the D-Bus message daemon CVE-2014-3635 On 64-bit platforms, file descriptor passing could be abused by local users to cause heap corruption in dbus-daemon, leading to a crash, or potentially to arbitrary code execution CVE-2014-3636 A denial-of-service vulnerab ...
Red Hat: CVE-2014-3639
The dbus-daemon in D-Bus before 1624 and 18x before 188 does not properly close old connections, which allows local users to cause a denial of service (incomplete connection consumption and prevention of new connections) via a large number of incomplete connections ...

References

CWE-399http://www.debian.org/security/2014/dsa-3026http://www.openwall.com/lists/oss-security/2014/09/16/9http://secunia.com/advisories/61378https://bugs.freedesktop.org/show_bug.cgi?id=80919http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00026.htmlhttp://www.ubuntu.com/usn/USN-2352-1http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.htmlhttp://www.mandriva.com/security/advisories?name=MDVSA-2015:176http://advisories.mageia.org/MGASA-2014-0395.htmlhttp://www.securitytracker.com/id/1030864http://secunia.com/advisories/61431https://usn.ubuntu.com/2352-1/https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2014-3639
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook