CVE-2019-12749 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	No
Type	Access restriction bypass
Description	It has been discovered that dbus before 1.12.16 allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. This issue only affects the DBUS_COOKIE_SHA1 authentication mechanism. A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid, allowing authentication bypass.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-974	dbus	1.12.14-1	1.12.16-1	High	Fixed

Date	Advisory	Group	Package	Severity	Type
18 Jun 2019	ASA-201906-16	AVG-974	dbus	High	access restriction bypass

References
https://www.openwall.com/lists/oss-security/2019/06/11/2 https://gitlab.freedesktop.org/dbus/dbus/issues/269 https://gitlab.freedesktop.org/dbus/dbus/commit/47b1a4c41004bf494b87370987b222c934b19016