CVE-2008-0595
EPSS 0.07%dbus
發布日:2008/2/29修改日:2026/4/28
也稱為:DEBIAN-CVE-2008-0595
描述
dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a method call with a NULL interface.
受影響套件(2)
- Debian/dbusfrom 0, < 1.1.20-1
- Debian/dbusfrom 0, < 1.0.2-1+etch1