FreeBSD : dbus -- multiple vulnerabilities (38242d51-3e58-11e4-ac2f-bcaec565249c)

This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Simon McVittie reports :

Do not accept an extra fd in the padding of a cmsg message, which
could lead to a 4-byte heap buffer overrun (CVE-2014-3635).

Reduce default for maximum Unix file descriptors passed per message
from 1024 to 16, preventing a uid with the default maximum number of
connections from exhausting the system bus' file descriptors under
Linux's default rlimit (CVE-2014-3636).

Disconnect connections that still have a fd pending unmarshalling
after a new configurable limit, pending_fd_timeout (defaulting to 150
seconds), removing the possibility of creating an abusive connection
that cannot be disconnected by setting up a circular reference to a
connection's file descriptor (CVE-2014-3637).

Reduce default for maximum pending replies per connection from 8192 to
128, mitigating an algorithmic complexity denial-of-service attack

Reduce default for authentication timeout on the system bus from 30
seconds to 5 seconds, avoiding denial of service by using up all
unauthenticated connection slots; and when all unauthenticated
connection slots are used up, make new connection attempts block
instead of disconnecting them (CVE-2014-3639).

See also :

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 4.4

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 77733 ()

Bugtraq ID:

CVE ID: CVE-2014-3635

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now