JVN/CVE Demo: Cveinfos

CVE

Id: 30712
CVE No.: CVE-2008-0595
Status: Candidate
Description: dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a method call with a NULL interface.
Phase: Assigned (20080205)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
327022	30712	CVE-2008-0595	BUGTRAQ:20080307 rPSA-2008-0099-1 dbus dbus-glib dbus-qt dbus-x11	View
327023	30712	CVE-2008-0595	URL:http://www.securityfocus.com/archive/1/archive/1/489280/100/0/threaded	View
327024	30712	CVE-2008-0595	MLIST:[dbus] 20080227 [ANNOUNCE] CVE-2008-0595 D-Bus Security Releases - D-Bus 1.0.3 and D-Bus 1.1.20	View
327025	30712	CVE-2008-0595	URL:http://lists.freedesktop.org/archives/dbus/2008-February/009401.html	View
327026	30712	CVE-2008-0595	CONFIRM:http://www.j5live.com/2008/02/27/announce-d-bus-1120-conisten-water-released/	View
327027	30712	CVE-2008-0595	CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0099	View
327028	30712	CVE-2008-0595	CONFIRM:https://issues.rpath.com/browse/RPL-2282	View
327029	30712	CVE-2008-0595	CONFIRM:http://wiki.rpath.com/Advisories:rPSA-2008-0099	View
327030	30712	CVE-2008-0595	DEBIAN:DSA-1599	View
327031	30712	CVE-2008-0595	URL:http://www.debian.org/security/2008/dsa-1599	View
327032	30712	CVE-2008-0595	FEDORA:FEDORA-2008-2043	View
327033	30712	CVE-2008-0595	URL:https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00893.html	View
327034	30712	CVE-2008-0595	FEDORA:FEDORA-2008-2070	View
327035	30712	CVE-2008-0595	URL:https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00911.html	View
327036	30712	CVE-2008-0595	MANDRIVA:MDVSA-2008:054	View
327037	30712	CVE-2008-0595	URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:054	View
327038	30712	CVE-2008-0595	REDHAT:RHSA-2008:0159	View
327039	30712	CVE-2008-0595	URL:http://www.redhat.com/support/errata/RHSA-2008-0159.html	View
327040	30712	CVE-2008-0595	SUSE:SUSE-SR:2008:006	View
327041	30712	CVE-2008-0595	URL:http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html	View
327042	30712	CVE-2008-0595	SUSE:openSUSE-SU-2012:1418	View
327043	30712	CVE-2008-0595	URL:http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html	View
327044	30712	CVE-2008-0595	UBUNTU:USN-653-1	View
327045	30712	CVE-2008-0595	URL:http://www.ubuntu.com/usn/usn-653-1	View
327046	30712	CVE-2008-0595	BID:28023	View
327047	30712	CVE-2008-0595	URL:http://www.securityfocus.com/bid/28023	View
327048	30712	CVE-2008-0595	OVAL:oval:org.mitre.oval:def:9353	View
327049	30712	CVE-2008-0595	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9353	View
327050	30712	CVE-2008-0595	VUPEN:ADV-2008-0694	View
327051	30712	CVE-2008-0595	URL:http://www.vupen.com/english/advisories/2008/0694	View
327052	30712	CVE-2008-0595	SECTRACK:1019512	View
327053	30712	CVE-2008-0595	URL:http://securitytracker.com/id?1019512	View
327054	30712	CVE-2008-0595	SECUNIA:29148	View
327055	30712	CVE-2008-0595	URL:http://secunia.com/advisories/29148	View
327056	30712	CVE-2008-0595	SECUNIA:29160	View
327057	30712	CVE-2008-0595	URL:http://secunia.com/advisories/29160	View
327058	30712	CVE-2008-0595	SECUNIA:29171	View
327059	30712	CVE-2008-0595	URL:http://secunia.com/advisories/29171	View
327060	30712	CVE-2008-0595	SECUNIA:29173	View
327061	30712	CVE-2008-0595	URL:http://secunia.com/advisories/29173	View
327062	30712	CVE-2008-0595	SECUNIA:29281	View
327063	30712	CVE-2008-0595	URL:http://secunia.com/advisories/29281	View
327064	30712	CVE-2008-0595	SECUNIA:29323	View
327065	30712	CVE-2008-0595	URL:http://secunia.com/advisories/29323	View
327066	30712	CVE-2008-0595	SECUNIA:32281	View
327067	30712	CVE-2008-0595	URL:http://secunia.com/advisories/32281	View
327068	30712	CVE-2008-0595	SECUNIA:30869	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
46025	JVNDB-2008-001335	PHP の init_request_info() 関数における任意のコードを実行される脆弱性	PHP の sapi/cgi/cgi_main.c には、init_request_info() 関数において、PATH_TRANSLATED の長さの計算処理に不備があるために、任意のコードを実行される脆弱性が存在します。	CVE-2008-0599	30712	10		http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001335.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.31 MB
View render complete	2.79 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.75
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	434.75
Event: Controller.beforeRender	5.27
» Processing toolbar data	5.18
Rendering View	20.05
» Event: View.beforeRender	0.03
» Rendering APP/View/Cveinfos/view.ctp	18.89
» Event: View.afterRender	0.03
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.62
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.11
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/30712
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/30712
Remote Port	12166
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.217.10
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.2.80.175
Http Via	1.1 squid-proxy-5b5d847c96-wnrnx (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.217.10
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.217.10
Unique Id	aIDNUcBg1ZZp3TMe4TzrQQAAAQY
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.217.10
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.217.10
Redirect Unique Id	aIDNUcBg1ZZp3TMe4TzrQQAAAQY
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.217.10
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.217.10
Redirect Redirect Unique Id	aIDNUcBg1ZZp3TMe4TzrQQAAAQY
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1753271633.2688
Request Time	1753271633

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files