Important: Red Hat Security Advisory: dbus-glib security update

Updated dbus-glib packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

firefox security update

firefox 17.0.3-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones 17.0.3-1 - Update to 17.0.3 ESR 17.0.2-4 - Added NM preferences 17.0.2-3 - Update to 17.0.2 ESR 17.0.1-2 - Update to 17.0.1 ESR 17.0-1 - Update to 17.0 ESR 17.0-0.2.b4 - Update to 17 Beta 4...

Fedora 18 : libvirt-0.10.2.2-3.fc18 (2012-20577)

Fix scriplet warning when uninstalling libvirt-client bz 888071 - Fix conflict with NM launched dnsmasq bz 886663 - Fix selinux denials when launching non-kvm qemu guests bz 885837 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...

CVE-2012-3520

The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCMCREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to 1 Avahi or 2 NetworkManager...

CVE-2012-3520

The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCMCREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to 1 Avahi or 2 NetworkManager...

CVE-2012-3520

CVE-2012-3520 concerns the Netlink implementation in the Linux kernel prior to 3.2.30, where Netlink messages missing SCM_CREDENTIALS data could be spoofed by a local attacker via crafted messages (notably affecting services such as Avahi or NetworkManager). The vulnerability enables a local user...

UBUNTU-CVE-2012-3520

The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCMCREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to 1 Avahi or 2 NetworkManager...

Fedora 18 : bind-9.9.1-10.P3.fc18 (2012-13922)

Update to the 9.9.1-P3 security release. This update also fixes following issues : - bind now uses systemd-rpm macros for starting/restarting of the named daemon. BZ850045 - the NetworkManager dispatcher script contained wrong path to systemcl utility. BZ837173 - named-chroot.service systemd unit...

Fedora 17 : bind-9.9.1-9.P3.fc17 (2012-14106)

Update to the 9.9.1-P3 security release. This update also fixes following issues : - named NetworkManager dispatcher script contained wrong path to systemcl utility. BZ837173 - named-chroot.service unit didn't work properly. BZ825869 - bind-devel package wasn't multilib clean. BZ478718 Note that...

Medium: kernel

Issue Overview: The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCMCREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to 1 Avahi or 2 NetworkManager. Affected...

Mandriva Linux Security Advisory : networkmanager (MDVSA-2011:171)

Security issues were identified and fixed in networkmanager : GNOME NetworkManager before 0.8.6 does not properly enforce the authadmin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vectors CVE-2011-2176. Incomplete blackli...

Scientific Linux Security Update : NetworkManager on SL4.x, SL5.x i386/x86_64

An information disclosure flaw was found in NetworkManager's D-Bus interface. A local attacker could leverage this flaw to discover sensitive information, such as network connection passwords and pre-shared keys. CVE-2009-0365 A potential denial of service flaw was found in NetworkManager's D-Bus...

Scientific Linux Security Update : NetworkManager on SL6.x i386/x86_64

NetworkManager is a network link manager that attempts to keep a wired or wireless network connection active at all times. It was found that NetworkManager did not properly enforce PolicyKit settings controlling the permissions to configure wireless network sharing. A local, unprivileged user cou...

Scientific Linux Security Update : NetworkManager on SL5.x i386/x86_64

CVE-2009-4145 NetworkManager: information disclosure by nm-connection-editor CVE-2009-4144 NetworkManager: WPA enterprise network not verified when certificate is removed A missing network certificate verification flaw was found in NetworkManager. If a user created a WPA Enterprise or 802.1x...

Scientific Linux Security Update : NetworkManager on SL6.x i386/x86_64

NetworkManager is a network link manager that attempts to keep a wired or wireless network connection active at all times. The ifcfg-rh NetworkManager plug-in is used in Scientific Linux distributions to read and write configuration information from the /etc/sysconfig/network-scripts/ifcfg- files...

Scientific Linux Security Update : dbus on SL5.x, SL6.x i386/x86_64

D-Bus is a system for sending messages between applications. It is used for the system-wide message bus service and as a per-user-login-session messaging facility. A denial of service flaw was found in the way the D-Bus library handled endianness conversion when receiving messages. A local user...

Scientific Linux Security Update : dbus-glib on SL5.x i386/x86_64

It was discovered that dbus-glib did not enforce the 'access' flag on exported GObject properties. If such a property were read/write internally but specified as read-only externally, a malicious, local user could use this flaw to modify that property of an application. Such a change could impact...

Fedora 17 : puppet-2.7.18-1.fc17 (2012-10891)

This is an upstream security release. It addresses a number of issues found in puppet-2.7.x. The Red Hat security team has rated this update as having low security impact. Refer to the upstream release notes and bugzilla entries for further details...

Fedora 16 : puppet-2.6.17-2.fc16 (2012-10897)

This is an upstream security release. It addresses a number of issues found in puppet-2.6.x. The Red Hat security team has rated this update as having low security impact. Refer to the upstream release notes and bugzilla entries for further details...

RedHat Update for NetworkManager RHSA-2011:1338-01

Check for the Version of NetworkManager OpenVAS Vulnerability Test RedHat Update for NetworkManager RHSA-2011:1338-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...