This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote SuSE 11 host is missing one or more security updates.
Various denial of service issues were fixed in the DBUS service.
- dbus-daemon tracks whether method call messages expect a
reply, so that unsolicited replies can be dropped. As
currently implemented, if there are n parallel method
calls in progress, each method reply takes O(n) CPU
time. A malicious user could exploit this by opening the
maximum allowed number of parallel connections and
sending the maximum number of parallel method calls on
each one, causing subsequent method calls to be
unreasonably slow, a denial of service. (CVE-2014-3638)
- dbus-daemon allows a small number of 'incomplete'
connections (64 by default) whose identity has not yet
been confirmed. When this limit has been reached,
subsequent connections are dropped. Alban's testing
indicates that one malicious process that makes repeated
connection attempts, but never completes the
authentication handshake and instead waits for
dbus-daemon to time out and disconnect it, can cause the
majority of legitimate connection attempts to fail.
See also :
Apply SAT patch number 9733.
Risk factor :
Low / CVSS Base Score : 2.1