2015-10-12
ALT-BU-2015-2683-1
Branch sisyphus update bulletin.
Closed vulnerabilities
Published: 2016-01-08
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-8612
The EnableNetwork method in the Network class in plugins/mechanism/Network.py in Blueman before 2.0.3 allows local users to gain privileges via the dhcp_handler argument.
Severity: HIGH (8.4)
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
- http://packetstormsecurity.com/files/135047/Slackware-Security-Advisory-blueman-Updates.html
- http://packetstormsecurity.com/files/135047/Slackware-Security-Advisory-blueman-Updates.html
- DSA-3427
- DSA-3427
- [oss-security] 20151218 CVE request: Blueman: Privilege escalation in blueman dbus API
- [oss-security] 20151218 CVE request: Blueman: Privilege escalation in blueman dbus API
- [oss-security] 20151218 Re: CVE request: Blueman: Privilege escalation in blueman dbus API
- [oss-security] 20151218 Re: CVE request: Blueman: Privilege escalation in blueman dbus API
- 79688
- 79688
- SSA:2015-356-01
- SSA:2015-356-01
- https://github.com/blueman-project/blueman/issues/416
- https://github.com/blueman-project/blueman/issues/416
- https://github.com/blueman-project/blueman/releases/tag/2.0.3
- https://github.com/blueman-project/blueman/releases/tag/2.0.3
- https://twitter.com/thegrugq/status/677809527882813440
- https://twitter.com/thegrugq/status/677809527882813440
- 46186
- 46186
Closed bugs
[FR] 1.3.5