ID de Prueba:	1.3.6.1.4.1.25623.1.0.63639
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2009:0361
Resumen:	The remote host is missing updates announced in;advisory RHSA-2009:0361.;;NetworkManager is a network link manager that attempts to keep a wired or;wireless network connection active at all times.;;An information disclosure flaw was found in NetworkManager's D-Bus;interface. A local attacker could leverage this flaw to discover sensitive;information, such as network connection passwords and pre-shared keys.;(CVE-2009-0365);;A potential denial of service flaw was found in NetworkManager's D-Bus;interface. A local user could leverage this flaw to modify local connection;settings, preventing the system's network connection from functioning;properly. (CVE-2009-0578);;Red Hat would like to thank Ludwig Nussel for reporting these flaws;responsibly.;;Users of NetworkManager should upgrade to these updated packages which;contain backported patches to correct these issues.
Descripción:	Summary: The remote host is missing updates announced in advisory RHSA-2009:0361. NetworkManager is a network link manager that attempts to keep a wired or wireless network connection active at all times. An information disclosure flaw was found in NetworkManager's D-Bus interface. A local attacker could leverage this flaw to discover sensitive information, such as network connection passwords and pre-shared keys. (CVE-2009-0365) A potential denial of service flaw was found in NetworkManager's D-Bus interface. A local user could leverage this flaw to modify local connection settings, preventing the system's network connection from functioning properly. (CVE-2009-0578) Red Hat would like to thank Ludwig Nussel for reporting these flaws responsibly. Users of NetworkManager should upgrade to these updated packages which contain backported patches to correct these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date CVSS Score: 6.2 CVSS Vector: AV:L/AC:L/Au:S/C:N/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0365 BugTraq ID: 33966 http://www.securityfocus.com/bid/33966 Debian Security Information: DSA-1955 (Google Search) http://www.debian.org/security/2009/dsa-1955 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10828 http://www.redhat.com/support/errata/RHSA-2009-0361.html http://www.redhat.com/support/errata/RHSA-2009-0362.html http://www.securitytracker.com/id?1021908 http://securitytracker.com/id?1021910 http://securitytracker.com/id?1021911 http://secunia.com/advisories/34067 http://secunia.com/advisories/34177 http://secunia.com/advisories/34473 SuSE Security Announcement: SUSE-SA:2009:013 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html SuSE Security Announcement: SUSE-SR:2009:009 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html http://www.ubuntu.com/usn/USN-727-1 http://www.ubuntu.com/usn/USN-727-2 XForce ISS Database: networkmanager-dbus-info-disclosure(49062) https://exchange.xforce.ibmcloud.com/vulnerabilities/49062 Common Vulnerability Exposure (CVE) ID: CVE-2009-0578 1021909 http://www.securitytracker.com/id?1021909 33966 34067 34473 RHSA-2009:0361 SUSE-SA:2009:013 SUSE-SR:2009:009 USN-727-1 https://bugzilla.redhat.com/show_bug.cgi?id=487752 networkmanager-dbus-security-bypass(49063) https://exchange.xforce.ibmcloud.com/vulnerabilities/49063 oval:org.mitre.oval:def:8931 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8931
Copyright	Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.