SuSE 11.3 Security Update : dbus-1 (SAT Patch Number 9733)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

Various denial of service issues were fixed in the DBUS service.

- dbus-daemon tracks whether method call messages expect a
reply, so that unsolicited replies can be dropped. As
currently implemented, if there are n parallel method
calls in progress, each method reply takes O(n) CPU
time. A malicious user could exploit this by opening the
maximum allowed number of parallel connections and
sending the maximum number of parallel method calls on
each one, causing subsequent method calls to be
unreasonably slow, a denial of service. (CVE-2014-3638)

- dbus-daemon allows a small number of 'incomplete'
connections (64 by default) whose identity has not yet
been confirmed. When this limit has been reached,
subsequent connections are dropped. Alban's testing
indicates that one malicious process that makes repeated
connection attempts, but never completes the
authentication handshake and instead waits for
dbus-daemon to time out and disconnect it, can cause the
majority of legitimate connection attempts to fail.
(CVE-2014-3639)

See also :

https://bugzilla.novell.com/show_bug.cgi?id=896453
http://support.novell.com/security/cve/CVE-2014-3638.html
http://support.novell.com/security/cve/CVE-2014-3639.html

Solution :

Apply SAT patch number 9733.

Risk factor :

Low / CVSS Base Score : 2.1
(CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 77755 ()

Bugtraq ID:

CVE ID: CVE-2014-3638
CVE-2014-3639

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now