Oval Definition: oval:com.redhat.rhsa:def:20080497
Revision Date: 2008-06-24
Version: 636
Title: RHSA-2008:0497: sblim security update (Important)
Description: SBLIM stands for Standards-Based Linux Instrumentation for Manageability. It consists of a set of standards-based, Web-Based Enterprise Management (WBEM) modules that use the Common Information Model (CIM) standard to gather and provide systems management information, events, and methods to local or networked consumers via a CIM object services broker using the CMPI (Common Manageability Programming Interface) standard. This package provides a set of core providers and development tools for systems management applications.

  • It was discovered that certain sblim libraries had an RPATH (runtime library search path) set in the ELF (Executable and Linking Format) header. This RPATH pointed to a sub-directory of a world-writable, temporary directory. A local user could create a file with the same name as a library required by sblim (such as libc.so) and place it in the directory defined in the RPATH. This file could then execute arbitrary code with the privileges of the user running an application that used sblim (e.g. tog-pegasus). (CVE-2008-1951)

    Users are advised to upgrade to these updated sblim packages, which resolve this issue.
  • Family: unix
    Class: patch
    Status:
    Reference(s): CVE-2008-1951, RHSA-2008:0497, RHSA-2008:0497-01
    Platform(s): Red Hat Enterprise Linux 4, Red Hat Enterprise Linux 5
    Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • sblim-cmpi-base is earlier than 0:1.5.4-13a.el4_6.1
  • AND sblim-cmpi-base is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-base-devel is earlier than 0:1.5.4-13a.el4_6.1
  • AND sblim-cmpi-base-devel is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-base-test is earlier than 0:1.5.4-13a.el4_6.1
  • AND sblim-cmpi-base-test is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-devel is earlier than 0:1.0.4-13a.el4_6.1
  • AND sblim-cmpi-devel is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-fsvol is earlier than 0:1.4.3-13a.el4_6.1
  • AND sblim-cmpi-fsvol is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-fsvol-devel is earlier than 0:1.4.3-13a.el4_6.1
  • AND sblim-cmpi-fsvol-devel is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-fsvol-test is earlier than 0:1.4.3-13a.el4_6.1
  • AND sblim-cmpi-fsvol-test is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-network is earlier than 0:1.3.7-13a.el4_6.1
  • AND sblim-cmpi-network is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-network-devel is earlier than 0:1.3.7-13a.el4_6.1
  • AND sblim-cmpi-network-devel is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-network-test is earlier than 0:1.3.7-13a.el4_6.1
  • AND sblim-cmpi-network-test is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-nfsv3 is earlier than 0:1.0.13-13a.el4_6.1
  • AND sblim-cmpi-nfsv3 is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-nfsv3-test is earlier than 0:1.0.13-13a.el4_6.1
  • AND sblim-cmpi-nfsv3-test is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-nfsv4 is earlier than 0:1.0.11-13a.el4_6.1
  • AND sblim-cmpi-nfsv4 is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-nfsv4-test is earlier than 0:1.0.11-13a.el4_6.1
  • AND sblim-cmpi-nfsv4-test is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-params is earlier than 0:1.2.4-13a.el4_6.1
  • AND sblim-cmpi-params is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-params-test is earlier than 0:1.2.4-13a.el4_6.1
  • AND sblim-cmpi-params-test is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-sysfs is earlier than 0:1.1.8-13a.el4_6.1
  • AND sblim-cmpi-sysfs is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-sysfs-test is earlier than 0:1.1.8-13a.el4_6.1
  • AND sblim-cmpi-sysfs-test is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-syslog is earlier than 0:0.7.9-13a.el4_6.1
  • AND sblim-cmpi-syslog is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-syslog-test is earlier than 0:0.7.9-13a.el4_6.1
  • AND sblim-cmpi-syslog-test is signed with Red Hat redhatrelease2 key
  • sblim-gather is earlier than 0:2.1.1-13a.el4_6.1
  • AND sblim-gather is signed with Red Hat redhatrelease2 key
  • sblim-gather-devel is earlier than 0:2.1.1-13a.el4_6.1
  • AND sblim-gather-devel is signed with Red Hat redhatrelease2 key
  • sblim-gather-provider is earlier than 0:2.1.1-13a.el4_6.1
  • AND sblim-gather-provider is signed with Red Hat redhatrelease2 key
  • sblim-gather-test is earlier than 0:2.1.1-13a.el4_6.1
  • AND sblim-gather-test is signed with Red Hat redhatrelease2 key
  • sblim-testsuite is earlier than 0:1.2.4-13a.el4_6.1
  • AND sblim-testsuite is signed with Red Hat redhatrelease2 key
  • sblim-wbemcli is earlier than 0:1.5.1-13a.el4_6.1
  • AND sblim-wbemcli is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • sblim-cim-client is earlier than 0:1.3.3-31.el5_2.1
  • AND sblim-cim-client is signed with Red Hat redhatrelease2 key
  • sblim-cim-client-javadoc is earlier than 0:1-31.el5_2.1
  • AND sblim-cim-client-javadoc is signed with Red Hat redhatrelease2 key
  • sblim-cim-client-manual is earlier than 0:1-31.el5_2.1
  • AND sblim-cim-client-manual is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-base is earlier than 0:1.5.5-31.el5_2.1
  • AND sblim-cmpi-base is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-base-devel is earlier than 0:1.5.5-31.el5_2.1
  • AND sblim-cmpi-base-devel is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-base-test is earlier than 0:1.5.5-31.el5_2.1
  • AND sblim-cmpi-base-test is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-devel is earlier than 0:1.0.4-31.el5_2.1
  • AND sblim-cmpi-devel is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-dns is earlier than 0:0.5.2-31.el5_2.1
  • AND sblim-cmpi-dns is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-dns-devel is earlier than 0:1-31.el5_2.1
  • AND sblim-cmpi-dns-devel is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-dns-test is earlier than 0:1-31.el5_2.1
  • AND sblim-cmpi-dns-test is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-fsvol is earlier than 0:1.4.4-31.el5_2.1
  • AND sblim-cmpi-fsvol is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-fsvol-devel is earlier than 0:1.4.4-31.el5_2.1
  • AND sblim-cmpi-fsvol-devel is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-fsvol-test is earlier than 0:1.4.4-31.el5_2.1
  • AND sblim-cmpi-fsvol-test is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-network is earlier than 0:1.3.8-31.el5_2.1
  • AND sblim-cmpi-network is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-network-devel is earlier than 0:1.3.8-31.el5_2.1
  • AND sblim-cmpi-network-devel is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-network-test is earlier than 0:1.3.8-31.el5_2.1
  • AND sblim-cmpi-network-test is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-nfsv3 is earlier than 0:1.0.14-31.el5_2.1
  • AND sblim-cmpi-nfsv3 is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-nfsv3-test is earlier than 0:1.0.14-31.el5_2.1
  • AND sblim-cmpi-nfsv3-test is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-nfsv4 is earlier than 0:1.0.12-31.el5_2.1
  • AND sblim-cmpi-nfsv4 is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-nfsv4-test is earlier than 0:1.0.12-31.el5_2.1
  • AND sblim-cmpi-nfsv4-test is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-params is earlier than 0:1.2.6-31.el5_2.1
  • AND sblim-cmpi-params is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-params-test is earlier than 0:1.2.6-31.el5_2.1
  • AND sblim-cmpi-params-test is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-samba is earlier than 0:0.5.2-31.el5_2.1
  • AND sblim-cmpi-samba is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-samba-devel is earlier than 0:1-31.el5_2.1
  • AND sblim-cmpi-samba-devel is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-samba-test is earlier than 0:1-31.el5_2.1
  • AND sblim-cmpi-samba-test is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-sysfs is earlier than 0:1.1.9-31.el5_2.1
  • AND sblim-cmpi-sysfs is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-sysfs-test is earlier than 0:1.1.9-31.el5_2.1
  • AND sblim-cmpi-sysfs-test is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-syslog is earlier than 0:0.7.11-31.el5_2.1
  • AND sblim-cmpi-syslog is signed with Red Hat redhatrelease2 key
  • sblim-cmpi-syslog-test is earlier than 0:0.7.11-31.el5_2.1
  • AND sblim-cmpi-syslog-test is signed with Red Hat redhatrelease2 key
  • sblim-gather is earlier than 0:2.1.2-31.el5_2.1
  • AND sblim-gather is signed with Red Hat redhatrelease2 key
  • sblim-gather-devel is earlier than 0:2.1.2-31.el5_2.1
  • AND sblim-gather-devel is signed with Red Hat redhatrelease2 key
  • sblim-gather-provider is earlier than 0:2.1.2-31.el5_2.1
  • AND sblim-gather-provider is signed with Red Hat redhatrelease2 key
  • sblim-gather-test is earlier than 0:2.1.2-31.el5_2.1
  • AND sblim-gather-test is signed with Red Hat redhatrelease2 key
  • sblim-testsuite is earlier than 0:1.2.4-31.el5_2.1
  • AND sblim-testsuite is signed with Red Hat redhatrelease2 key
  • sblim-tools-libra is earlier than 0:0.2.3-31.el5_2.1
  • AND sblim-tools-libra is signed with Red Hat redhatrelease2 key
  • sblim-tools-libra-devel is earlier than 0:0.2.3-31.el5_2.1
  • AND sblim-tools-libra-devel is signed with Red Hat redhatrelease2 key
  • sblim-wbemcli is earlier than 0:1.5.1-31.el5_2.1
  • AND sblim-wbemcli is signed with Red Hat redhatrelease2 key