Vulnerability Details : CVE-2012-3524
Potential exploit
libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: libdbus maintainers state that this is a vulnerability in the applications that do not cleanse environment variables, not in libdbus itself: "we do not support use of libdbus in setuid binaries that do not sanitize their environment before their first call into libdbus."
Vulnerability category: Execute code
Products affected by CVE-2012-3524
- cpe:2.3:a:freedesktop:libdbus:*:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:libdbus:1.5.10:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:libdbus:1.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:libdbus:1.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:libdbus:1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:libdbus:1.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:libdbus:1.5.4:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-3524
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 12 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-3524
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.9
|
MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C |
3.4
|
10.0
|
NIST |
CWE ids for CVE-2012-3524
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-3524
-
https://bugzilla.redhat.com/show_bug.cgi?id=847402
847402 – (CVE-2012-3524) CVE-2012-3524 dbus: privilege escalation when libdbus is used in setuid/setgid application
-
http://www.openwall.com/lists/oss-security/2012/09/12/6
oss-security - libdbus CVE-2012-3524 fix
-
http://www.openwall.com/lists/oss-security/2012/09/17/2
oss-security - Re: libdbus CVE-2012-3524 fix
-
http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html
openSUSE-SU-2012:1418-1: moderate: update for dbus-1, dbus-1-x11
-
https://bugzilla.novell.com/show_bug.cgi?id=697105
Bug 697105 – VUL-0: CVE-2012-3524: libdbus using getenv() in suids
-
https://bugs.freedesktop.org/show_bug.cgi?id=52202
52202 – document that setuid executables must clear their environment before using libdbusPatch
-
http://www.ubuntu.com/usn/USN-1576-2
USN-1576-2: DBus regressions | Ubuntu security notices
-
http://www.openwall.com/lists/oss-security/2012/07/10/4
oss-security - libdbus hardening
-
http://www.mandriva.com/security/advisories?name=MDVSA-2013:083
mandriva.com
-
http://www.exploit-db.com/exploits/21323
libdbus - 'DBUS_SYSTEM_BUS_ADDRESS' Local Privilege Escalation - Linux local ExploitExploit
-
http://www.mandriva.com/security/advisories?name=MDVSA-2013:070
mandriva.com
-
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00000.html
[security-announce] openSUSE-SU-2012:1287-1: important: update for dbus-
-
http://rhn.redhat.com/errata/RHSA-2012-1261.html
RHSA-2012:1261 - Security Advisory - Red Hat Customer Portal
-
http://www.securityfocus.com/bid/55517
libdbus 'DBUS_SYSTEM_BUS_ADDRESS' Variable Local Privilege Escalation VulnerabilityExploit
-
http://www.openwall.com/lists/oss-security/2012/07/26/1
oss-security - Re: libdbus hardening
-
http://www.ubuntu.com/usn/USN-1576-1
USN-1576-1: DBus vulnerability | Ubuntu security notices
-
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00015.html
[security-announce] SUSE-SU-2012:1155-2: important: Security update for
-
http://www.openwall.com/lists/oss-security/2012/09/14/2
oss-security - Re: libdbus CVE-2012-3524 fix
-
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00009.html
[security-announce] SUSE-SU-2012:1155-1: important: Security update for
-
http://stealth.openwall.net/null/dzug.c
Exploit
Jump to