Vulnerability Details : CVE-2006-6107
Unspecified vulnerability in the match_rule_equal function in bus/signals.c in D-Bus before 1.0.2 allows local applications to remove match rules for other applications and cause a denial of service (lost process messages).
Vulnerability category: Denial of service
Products affected by CVE-2006-6107
- cpe:2.3:a:d-bus:d-bus:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:d-bus:d-bus:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:d-bus:d-bus:0.20:*:*:*:*:*:*:*
- cpe:2.3:a:d-bus:d-bus:0.21:*:*:*:*:*:*:*
- cpe:2.3:a:d-bus:d-bus:0.22:*:*:*:*:*:*:*
- cpe:2.3:a:d-bus:d-bus:0.23:*:*:*:*:*:*:*
- cpe:2.3:a:d-bus:d-bus:0.13:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-6107
0.09%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 23 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-6107
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
1.7
|
LOW | AV:L/AC:L/Au:S/C:N/I:N/A:P |
3.1
|
2.9
|
NIST |
Vendor statements for CVE-2006-6107
-
Red Hat 2007-03-14Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
References for CVE-2006-6107
-
http://secunia.com/advisories/23611
About Secunia Research | Flexera
-
http://lists.rpath.com/pipermail/security-announce/2007-February/000147.html
-
http://www.securitytracker.com/id?1017608
GoDaddy Domain Name Search
-
http://secunia.com/advisories/23390
About Secunia Research | Flexera
-
http://archives.mandrivalinux.com/security-announce/2006-12/msg00025.php
Linux Development - Mandriva Linux
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9951
404 Not Found
-
http://www.securityfocus.com/bid/21571
Patch
-
http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html
openSUSE-SU-2012:1418-1: moderate: update for dbus-1, dbus-1-x11
-
https://issues.rpath.com/browse/RPL-860
-
http://openpkg.com/go/OpenPKG-SA-2006.041
-
http://www.vupen.com/english/advisories/2006/4988
Site en construction
-
http://secunia.com/advisories/24131
About Secunia Research | Flexera
-
http://www.redhat.com/support/errata/RHSA-2007-0008.html
Support
-
https://bugs.freedesktop.org/show_bug.cgi?id=9142
9142 – CVE-2006-6107 [patch] fix a nasty bug in match_rule_equal()Patch
-
http://www.ubuntu.com/usn/usn-401-1
USN-401-1: D-Bus vulnerability | Ubuntu security notices | Ubuntu
-
http://secunia.com/advisories/23373
About Secunia Research | Flexera
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/30874
D-Bus match_rule_equal() denial of service CVE-2006-6107 Vulnerability Report
-
http://www.freedesktop.org/wiki/Software/dbus
dbus
-
http://secunia.com/advisories/24059
About Secunia Research | Flexera
Jump to