Search for vulnerabilities
Vulnerability details: VCID-jx5m-rkr1-aaap
Vulnerability ID VCID-jx5m-rkr1-aaap
Aliases CVE-2008-3834
Summary The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error.
Status Published
Exploitability 2.0
Weighted Severity 6.2
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-20 Improper Input Validation
System Score Found at
generic_textual MODERATE http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html
rhas Moderate https://access.redhat.com/errata/RHSA-2009:0008
epss 0.0082 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.01121 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.01121 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.01121 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.01121 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.01121 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.01121 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.01121 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.01121 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.01121 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.01121 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.01121 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.0117 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.03468 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.03468 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.03468 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
epss 0.03468 https://api.first.org/data/v1/epss?cve=CVE-2008-3834
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=464674
cvssv2 2.1 https://nvd.nist.gov/vuln/detail/CVE-2008-3834
Reference id Reference type URL
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html
http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3834.json
https://api.first.org/data/v1/epss?cve=CVE-2008-3834
https://bugs.freedesktop.org/show_bug.cgi?id=17803
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3834
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3834
http://secunia.com/advisories/32127
http://secunia.com/advisories/32230
http://secunia.com/advisories/32281
http://secunia.com/advisories/32385
http://secunia.com/advisories/33396
https://exchange.xforce.ibmcloud.com/vulnerabilities/45701
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10253
https://www.exploit-db.com/exploits/7822
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00298.html
http://www.debian.org/security/2008/dsa-1658
http://www.freedesktop.org/wiki/Software/dbus#head-dad0dab297a44f1d7a3b1259cfc06b583fd6a88a
http://www.mandriva.com/security/advisories?name=MDVSA-2008:213
http://www.redhat.com/support/errata/RHSA-2009-0008.html
http://www.securityfocus.com/bid/31602
http://www.securitytracker.com/id?1021063
http://www.ubuntu.com/usn/usn-653-1
http://www.vupen.com/english/advisories/2008/2762
464674 https://bugzilla.redhat.com/show_bug.cgi?id=464674
501443 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501443
cpe:2.3:a:freedesktop:dbus:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:*:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.1:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.10:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.11:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.12:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.13:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.2:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.20:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.20:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.21:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.21:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.22:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.22:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.23:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.23:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.23.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.23.1:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.23.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.23.2:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.23.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.23.3:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.3:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.31:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.31:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.32:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.32:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.33:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.33:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.34:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.34:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.35:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.35:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.35.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.35.1:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.35.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.35.2:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.36:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.36:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.36.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.36.1:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.36.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.36.2:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.4:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.5:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.50:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.50:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.6:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.61:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.61:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.62:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.62:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.7:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.8:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.9:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.90:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.90:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.91:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.91:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:0.92:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:0.92:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus1.0:rc1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus1.0:rc1:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus1.0:rc2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus1.0:rc2:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus1.0:rc3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus1.0:rc3:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus1.1.0:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus1.1.0:*:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus:1.1.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:dbus:1.1.2:*:*:*:*:*:*:*
CVE-2008-3834 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/7822.c
CVE-2008-3834 https://nvd.nist.gov/vuln/detail/CVE-2008-3834
GLSA-200901-04 https://security.gentoo.org/glsa/200901-04
RHSA-2009:0008 https://access.redhat.com/errata/RHSA-2009:0008
USN-653-1 https://usn.ubuntu.com/653-1/
Data source Exploit-DB
Date added Jan. 18, 2009
Description D-Bus Daemon < 1.2.4 - 'libdbus' Denial of Service
Ransomware campaign use Known
Source publication date Jan. 19, 2009
Exploit type dos
Platform multiple
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2008-3834
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.59557
EPSS Score 0.0082
Published At March 29, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.