SuSE 11.3 Security Update : dbus-1 (SAT Patch Number 9733)

Low Nessus Plugin ID 77755


The remote SuSE 11 host is missing one or more security updates.


Various denial of service issues were fixed in the DBUS service.

- dbus-daemon tracks whether method call messages expect a reply, so that unsolicited replies can be dropped. As currently implemented, if there are n parallel method calls in progress, each method reply takes O(n) CPU time. A malicious user could exploit this by opening the maximum allowed number of parallel connections and sending the maximum number of parallel method calls on each one, causing subsequent method calls to be unreasonably slow, a denial of service. (CVE-2014-3638)

- dbus-daemon allows a small number of 'incomplete' connections (64 by default) whose identity has not yet been confirmed. When this limit has been reached, subsequent connections are dropped. Alban's testing indicates that one malicious process that makes repeated connection attempts, but never completes the authentication handshake and instead waits for dbus-daemon to time out and disconnect it, can cause the majority of legitimate connection attempts to fail.


Apply SAT patch number 9733.

See Also

Plugin Details

Severity: Low

ID: 77755

File Name: suse_11_dbus-1-140916.nasl

Version: $Revision: 1.2 $

Type: local

Agent: unix

Published: 2014/09/19

Modified: 2014/09/23

Dependencies: 12634

Risk Information

Risk Factor: Low


Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:dbus-1, p-cpe:/a:novell:suse_linux:11:dbus-1-32bit, p-cpe:/a:novell:suse_linux:11:dbus-1-x11, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2014/09/16

Reference Information

CVE: CVE-2014-3638, CVE-2014-3639