Test ID:	1.3.6.1.4.1.25623.1.0.871561
Category:	Red Hat Local Security Checks
Title:	RedHat Update for polkit RHSA-2016:0189-01
Summary:	The remote host is missing an update for the 'polkit'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'polkit' package(s) announced via the referenced advisory. Vulnerability Insight: PolicyKit is a toolkit for defining and handling authorizations. A denial of service flaw was found in how polkit handled authorization requests. A local, unprivileged user could send malicious requests to polkit, which could then cause the polkit daemon to corrupt its memory and crash. (CVE-2015-3256) All polkit users should upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect. Affected Software/OS: polkit on Red Hat Enterprise Linux Server (v. 7) Solution: Please Install the Updated Packages. CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3256 1035023 http://www.securitytracker.com/id/1035023 77356 http://www.securityfocus.com/bid/77356 RHSA-2016:0189 http://rhn.redhat.com/errata/RHSA-2016-0189.html [polkit-devel] 20150702 polkit-0.113 released http://lists.freedesktop.org/archives/polkit-devel/2015-July/000432.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html https://bugzilla.redhat.com/show_bug.cgi?id=1245684 openSUSE-SU-2015:1734 http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00010.html openSUSE-SU-2015:1927 http://lists.opensuse.org/opensuse-updates/2015-11/msg00042.html
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.