 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.122782 |
| Category: | Oracle Linux Local Security Checks |
| Title: | Oracle: Security Advisory (ELSA-2015-2315) |
| Summary: | The remote host is missing an update for the 'ModemManager, NetworkManager, NetworkManager-libreswan, network-manager-applet' package(s) announced via the ELSA-2015-2315 advisory. |
| Description: | Summary: The remote host is missing an update for the 'ModemManager, NetworkManager, NetworkManager-libreswan, network-manager-applet' package(s) announced via the ELSA-2015-2315 advisory. Vulnerability Insight: ModemManager [1.1.0-8.git20130913] - rfcomm: don't open the ttys until NetworkManager connects them (rh #1251954) [1.1.0-7.git20130913] - iface-modem: fix MODEM_STATE_IS_INTERMEDIATE macro (rh #1200958) NetworkManager [1.0.6-27.0.1] - fix build error on i386 [1:1.0.6-27] * build: update vala-tools build requirement (rh #1274000) [1:1.0.6-26] - wifi: emit NEW_BSS on ScanDone to update APs in Wi-Fi device (rh #1267327) [1:1.0.6-25] - vpn: cancel the secrets request on agent timeout (rh #1272023) - vpn: cancel the connect timer when vpn reconnects (rh #1272023) [1:1.0.6-24] - device: fix problem in not managing software devices (rh #1273879) [1:1.0.6-23] - wake-on-lan: ignore by default existing settings (rh #1270194) [1:1.0.6-22] - platform: fix detection of s390 CTC device (rh #1272974) - core: fix queuing activation while waiting for carrier (rh #1079353) [1:1.0.6-21] - core: fix invalid assertion in nm_clear_g_signal_handler() (rh #1183444) [1:1.0.6-20] - rebuild package [1:1.0.6-19] - device: fix race wrongly managing external-down device (2) (rh #1269199) [1:1.0.6-18] - device/vlan: update VLAN MAC address when parent's one changes [1:1.0.6-17] - dhcp6: destroy the lease when destroying a client (rh #1260727) - device: fix race wrongly managing external-down device (rh #1269199) [1:1.0.6-16] - device: silence spurious errors about activation schedule (rh #1269520) [1:1.0.6-15] - core: really fix enslaving team device to bridge (rh #1183444) [1:1.0.6-14] - platform: updating link cache when moving link to other netns (rh #1264361) - nmtui: fix possible crash during secret request (rh #1267672) - vpn: increase the plugin inactivity quit timer (rh #1268030) - core: fix enslaving team device to bridge (rh #1183444) [1:1.0.6-13] - vpn-connection: set the MTU for the VPN IP interface (rh #1267004) - modem-broadband: update modem's supported-ip-families (rh #1263959) - wifi: fix a crash in on_bss_proxy_acquired() (rh #1267462) [1:1.0.6-12] - core: increase IPv6LL DAD timeout to 15 seconds (rh #1101809) [1:1.0.6-11] - platform: better handle devices without permanent address (rh #1264024) [1:1.0.6-10] - dhcp: fix crash in internal DHCP client (rh #1260727) [1:1.0.6-9] - build: fix installing language files (rh #1265117) [1:1.0.6-8] - nmcli: allow creating ADSL connections with 'nmcli connection add' (rh #1264089) [1:1.0.6-7] - ifcfg-rh: ignore GATEWAY from network file for DHCP connections (rh #1262972) [1:1.0.6-6] - device: retry DHCP after timeout/expiration for assumed connections (rh #1246496) - device: retry creation of default connection after link is initialized (rh #1254089) [1:1.0.6-5] - config: add code comments to NetworkManager.conf file - iface-helper: enabled slaac/dhcp4 based on connection setting only (rh #1260243) - utils: avoid generation of duplicated assumed connection for veth devices (rh #1256430) - nmcli: improve handling of ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'ModemManager, NetworkManager, NetworkManager-libreswan, network-manager-applet' package(s) on Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-0272 76814 http://www.securityfocus.com/bid/76814 SUSE-SU-2015:2108 http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html SUSE-SU-2015:2194 http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html SUSE-SU-2015:2292 http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html SUSE-SU-2015:2339 http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html SUSE-SU-2015:2350 http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html SUSE-SU-2016:0354 http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html SUSE-SU-2016:2074 http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html USN-2792-1 http://www.ubuntu.com/usn/USN-2792-1 http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=d5fc88e573fa58b93034b04d35a2454f5d28cad9 http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html https://bugzilla.redhat.com/show_bug.cgi?id=1192132 Common Vulnerability Exposure (CVE) ID: CVE-2015-2924 BugTraq ID: 76879 http://www.securityfocus.com/bid/76879 http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158103.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157803.html https://security.gentoo.org/glsa/201509-05 http://openwall.com/lists/oss-security/2015/04/04/2 |
| Copyright | Copyright (C) 2015 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |