1
Candidate: CVE-2008-4311
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4311
6
The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6
7
omits the send_type attribute in certain rules, which allows local users to
8
bypass intended access restrictions by (1) sending messages, related to
9
send_requested_reply; and possibly (2) receiving messages, related to
10
receive_requested_reply.
13
kees> Ubuntu's dbus clients are not believed to be vulnerable.
24
intrepid_dbus: ignored
25
devel_dbus: not-affected