Red Hat Local Security Checks : RedHat Security Advisory RHSA-2009:0362

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.63638

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2009:0362

Resumen: The remote host is missing updates announced in;advisory RHSA-2009:0362.;;NetworkManager is a network link manager that attempts to keep a wired or;wireless network connection active at all times.;;An information disclosure flaw was found in NetworkManager's D-Bus;interface. A local attacker could leverage this flaw to discover sensitive;information, such as network connection passwords and pre-shared keys.;(CVE-2009-0365);;Red Hat would like to thank Ludwig Nussel for responsibly reporting this;flaw.;;NetworkManager users should upgrade to these updated packages, which;contain a backported patch that corrects this issue.

Descripción: Summary:
The remote host is missing updates announced in
advisory RHSA-2009:0362.

NetworkManager is a network link manager that attempts to keep a wired or
wireless network connection active at all times.

An information disclosure flaw was found in NetworkManager's D-Bus
interface. A local attacker could leverage this flaw to discover sensitive
information, such as network connection passwords and pre-shared keys.
(CVE-2009-0365)

Red Hat would like to thank Ludwig Nussel for responsibly reporting this
flaw.

NetworkManager users should upgrade to these updated packages, which
contain a backported patch that corrects this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

CVSS Score:
4.6

CVSS Vector:
AV:L/AC:L/Au:S/C:C/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-0365
BugTraq ID: 33966
http://www.securityfocus.com/bid/33966
Debian Security Information: DSA-1955 (Google Search)
http://www.debian.org/security/2009/dsa-1955
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10828
http://www.redhat.com/support/errata/RHSA-2009-0361.html
http://www.redhat.com/support/errata/RHSA-2009-0362.html
http://www.securitytracker.com/id?1021908
http://securitytracker.com/id?1021910
http://securitytracker.com/id?1021911
http://secunia.com/advisories/34067
http://secunia.com/advisories/34177
http://secunia.com/advisories/34473
SuSE Security Announcement: SUSE-SA:2009:013 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html
SuSE Security Announcement: SUSE-SR:2009:009 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html
http://www.ubuntu.com/usn/USN-727-1
http://www.ubuntu.com/usn/USN-727-2
XForce ISS Database: networkmanager-dbus-info-disclosure(49062)
https://exchange.xforce.ibmcloud.com/vulnerabilities/49062

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.63638
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2009:0362
Resumen:	The remote host is missing updates announced in;advisory RHSA-2009:0362.;;NetworkManager is a network link manager that attempts to keep a wired or;wireless network connection active at all times.;;An information disclosure flaw was found in NetworkManager's D-Bus;interface. A local attacker could leverage this flaw to discover sensitive;information, such as network connection passwords and pre-shared keys.;(CVE-2009-0365);;Red Hat would like to thank Ludwig Nussel for responsibly reporting this;flaw.;;NetworkManager users should upgrade to these updated packages, which;contain a backported patch that corrects this issue.
Descripción:	Summary: The remote host is missing updates announced in advisory RHSA-2009:0362. NetworkManager is a network link manager that attempts to keep a wired or wireless network connection active at all times. An information disclosure flaw was found in NetworkManager's D-Bus interface. A local attacker could leverage this flaw to discover sensitive information, such as network connection passwords and pre-shared keys. (CVE-2009-0365) Red Hat would like to thank Ludwig Nussel for responsibly reporting this flaw. NetworkManager users should upgrade to these updated packages, which contain a backported patch that corrects this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:S/C:C/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0365 BugTraq ID: 33966 http://www.securityfocus.com/bid/33966 Debian Security Information: DSA-1955 (Google Search) http://www.debian.org/security/2009/dsa-1955 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10828 http://www.redhat.com/support/errata/RHSA-2009-0361.html http://www.redhat.com/support/errata/RHSA-2009-0362.html http://www.securitytracker.com/id?1021908 http://securitytracker.com/id?1021910 http://securitytracker.com/id?1021911 http://secunia.com/advisories/34067 http://secunia.com/advisories/34177 http://secunia.com/advisories/34473 SuSE Security Announcement: SUSE-SA:2009:013 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html SuSE Security Announcement: SUSE-SR:2009:009 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html http://www.ubuntu.com/usn/USN-727-1 http://www.ubuntu.com/usn/USN-727-2 XForce ISS Database: networkmanager-dbus-info-disclosure(49062) https://exchange.xforce.ibmcloud.com/vulnerabilities/49062
Copyright	Copyright (C) 2009 E-Soft Inc.