Oval Definition:oval:com.redhat.rhsa:def:20090361
Revision Date:2009-03-25Version:636
Title:RHSA-2009:0361: NetworkManager security update (Moderate)
Description:NetworkManager is a network link manager that attempts to keep a wired or wireless network connection active at all times.

  • An information disclosure flaw was found in NetworkManager's D-Bus interface. A local attacker could leverage this flaw to discover sensitive information, such as network connection passwords and pre-shared keys. (CVE-2009-0365)

  • A potential denial of service flaw was found in NetworkManager's D-Bus interface. A local user could leverage this flaw to modify local connection settings, preventing the system's network connection from functioning properly. (CVE-2009-0578)

    Red Hat would like to thank Ludwig Nussel for reporting these flaws responsibly.

    Users of NetworkManager should upgrade to these updated packages which contain backported patches to correct these issues.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2009-0365
    CVE-2009-0578
    RHSA-2009:0361
    RHSA-2009:0361-01
    RHSA-2009:0361-01
    Platform(s):Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • NetworkManager is earlier than 1:0.7.0-4.el5_3
  • AND NetworkManager is signed with Red Hat redhatrelease2 key
  • NetworkManager-devel is earlier than 1:0.7.0-4.el5_3
  • AND NetworkManager-devel is signed with Red Hat redhatrelease2 key
  • NetworkManager-glib is earlier than 1:0.7.0-4.el5_3
  • AND NetworkManager-glib is signed with Red Hat redhatrelease2 key
  • NetworkManager-glib-devel is earlier than 1:0.7.0-4.el5_3
  • AND NetworkManager-glib-devel is signed with Red Hat redhatrelease2 key
  • NetworkManager-gnome is earlier than 1:0.7.0-4.el5_3
  • AND NetworkManager-gnome is signed with Red Hat redhatrelease2 key
    • BACK