Fluid Attacks Database

Description

D-BUS (dbus) before 0.22 does not properly restrict access to a socket, if the socket address is known, which allows local users to listen or send arbitrary messages on another user's per-user session bus via that socket.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 11	dbus	>=0 <0.22	0.22
debian 12	dbus	>=0 <0.22	0.22
debian 14	dbus	>=0 <0.22	0.22
debian 13	dbus	>=0 <0.22	0.22

Aliases

1. CVE-2005-02012. NVD-2005-02013. OSV-DEBIAN-2005-02014. OSV-2005-02015. SECURITY-TRACKER-CVE-2005-0201

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.