CVE-2005-0201

Publication date 29 June 2005

Last updated 24 July 2024

Ubuntu priority

D-BUS (dbus) before 0.22 does not properly restrict access to a socket, if the socket address is known, which allows local users to listen or send arbitrary messages on another user’s per-user session bus via that socket.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
dbus	7.04 feisty	Fixed 1.0.2-1ubuntu3
	6.10 edgy	Fixed 0.93-0ubuntu3.1
	6.06 LTS dapper	Fixed 0.60-6ubuntu8.1
dbus-glib	7.04 feisty	Fixed 0.71-1ubuntu1
	6.10 edgy	Fixed 0.71-1ubuntu1
	6.06 LTS dapper	Not in release
dbus-python	7.04 feisty	Fixed 0.71-2ubuntu1
	6.10 edgy	Fixed 0.71-2ubuntu1
	6.06 LTS dapper	Not in release
dbus-qt3	7.04 feisty	Fixed 0.62.git.20060814-1
	6.10 edgy	Fixed 0.62.git.20060814-1
	6.06 LTS dapper	Not in release
dbus-sharp	7.04 feisty	Not in release
	6.10 edgy	Fixed 0.63.git.20060719-2ubuntu1
	6.06 LTS dapper	Not in release

CVE-2005-0201

Status

References

Related Ubuntu Security Notices (USN)

Other references