CVE-2008-4311

Source
https://cve.org/CVERecord?id=CVE-2008-4311
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2008-4311.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2008-4311
Downstream
Related
Published
2008-12-10T00:30:00Z
Modified
2026-04-10T03:40:08.517674Z
Summary
[none]
Details

The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the sendtype attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to sendrequestedreply; and possibly (2) receiving messages, related to receiverequested_reply.

References

Affected packages