MiracleLinux 4 : NetworkManager-0.8.1-9.AXS4.3 (AXSA:2011-534:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-534:01 advisory. NetworkManager is a system network service that manages your network devices and connections, attempting to keep active network connectivity when...

EUVD-2011-3328

Malware in sbrugna...

SUSE CVE-2011-3364

Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when PolicyKit is configured to allow users to create new connections, allows local users to execute...

NetworkManager security and bug fix update

1:1.22.8-5 - dhcp: fix handling IO error in nettools DHCPv4 client rh 1843357 - ifcfg-rh: handle '802-1x.,phase2-ca-path' rh 1843360, CVE-2020-10754...

NetworkManager and libnl3 security, bug fix and enhancement update

NetworkManager 1:1.8.0-9 - device: don't change MTU unless explicitly configured rh 1460760 - core: don't remove external IPv4 addresses rh 1459813 1:1.8.0-8 - cli: fix output of iface in overview output rh1460219 - ppp: unexport NMPPPManager instance on dispose rh1459579 - cli: remove spurious...

Oracle Linux 6 : NetworkManager (ELSA-2011-1338)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2011-1338 advisory. - ifcfg-rh: CVE-2011-3364: filter newline characters when writing into ifcfg- files rh 737338 Tenable has extracted the preceding description block directly fro...

Scientific Linux Security Update : NetworkManager on SL6.x i386/x86_64

NetworkManager is a network link manager that attempts to keep a wired or wireless network connection active at all times. The ifcfg-rh NetworkManager plug-in is used in Scientific Linux distributions to read and write configuration information from the /etc/sysconfig/network-scripts/ifcfg- files...

CVE-2011-3364

CVE-2011-3364 affects GNOME NetworkManager (ifcfg-rh plugin) via an incomplete blacklist in svEscape, allowing local users to execute arbitrary commands by newline characters in new connection names when PolicyKit allows creation of connections. Credited impact: local privilege escalation; docume...

Fedora 16 : NetworkManager-0.9.1.90-3.git20110927.fc16 (2011-13425)

This update fixes security issue in ifcfg-rh plugin CVE-2011-3364. This update also fixes an applet and connection editor crash caused by mis-packaging of some UI-related files, and corrects the path of iscsiadm. This update further adds the ability to delete connections from nmcli, correctly...

Fedora 15 : NetworkManager-0.9.1.90-1.git20110927.fc15 (2011-13388)

This update fixes security issue in ifcfg-rh plugin CVE-2011-3364. In addition, it updates to 0.9.1.90 featuring : - ability to delete connections from nmcli - correctly handles IPv6 link-local DNS servers when using the dnsmasq local caching nameserver plugin - fixes connection timestamps for VP...

NetworkManager: Console user can escalate to root via newlines in ifcfg-rh connection name

Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when PolicyKit is configured to allow users to create new connections, allows local users to execute...

NetworkManager security update

0.8.1-9el61.3 - ifcfg-rh: CVE-2011-3364: filter newline characters when writing into ifcfg- files rh 737338 0.8.1-9el61.2 - ifcfg-rh: CVE-2011-3364: filter newline characters when writing into ifcfg- files rh 737338...