Test ID:	1.3.6.1.4.1.25623.1.0.871482
Category:	Red Hat Local Security Checks
Title:	RedHat Update for netcf RHSA-2015:2248-03
Summary:	The remote host is missing an update for the 'netcf'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'netcf' package(s) announced via the referenced advisory. Vulnerability Insight: The netcf packages contain a library for modifying the network configuration of a system. Network configuration is expressed in a platform-independent XML format, which netcf translates into changes to the system's 'native' network configuration files. A denial of service flaw was found in netcf. A specially crafted interface name could cause an application using netcf (such as the libvirt daemon) to crash. (CVE-2014-8119) This issue was discovered by Hao Liu of Red Hat. The netcf packages have been upgraded to upstream version 0.2.8, which provides a number of bug fixes and enhancements over the previous version. (BZ#1206680) Users of netcf are advised to upgrade to these updated packages, which fix these bugs and add these enhancements. Affected Software/OS: netcf on Red Hat Enterprise Linux Server (v. 7) Solution: Please Install the Updated Packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-8119 BugTraq ID: 78046 http://www.securityfocus.com/bid/78046 http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157713.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156571.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157508.html RedHat Security Advisories: RHSA-2015:2248 http://rhn.redhat.com/errata/RHSA-2015-2248.html
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.