Oval Definition: oval:com.redhat.rhsa:def:20111338
Revision Date: 2011-09-26
Version: 639
Title: RHSA-2011:1338: NetworkManager security update (Moderate)
Description: NetworkManager is a network link manager that attempts to keep a wired or wireless network connection active at all times. The ifcfg-rh NetworkManager plug-in is used in Red Hat Enterprise Linux distributions to read and write configuration information from the /etc/sysconfig/network-scripts/ifcfg-* files.

An input sanitization flaw was found in the way the ifcfg-rh NetworkManager plug-in escaped network connection names containing special characters. If PolicyKit was configured to allow local, unprivileged users to create and save new network connections, they could create a connection with a specially-crafted name, leading to the escalation of their privileges. Note: By default, PolicyKit prevents unprivileged users from creating and saving network connections. (CVE-2011-3364)

Red Hat would like to thank Matt McCutchen for reporting this issue.

Users of NetworkManager should upgrade to these updated packages, which contain a backported patch to correct this issue. Running instances of NetworkManager must be restarted ("service NetworkManager restart") for this update to take effect.
Family: unix
Class: patch
Status:
Reference(s): CVE-2011-3364, RHSA-2011:1338, RHSA-2011:1338-01
Platform(s): Red Hat Enterprise Linux 6
Product(s):

Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • NetworkManager is earlier than 1:0.8.1-9.el6_1.3
  • AND NetworkManager is signed with Red Hat redhatrelease2 key
  • NetworkManager-devel is earlier than 1:0.8.1-9.el6_1.3
  • AND NetworkManager-devel is signed with Red Hat redhatrelease2 key
  • NetworkManager-glib is earlier than 1:0.8.1-9.el6_1.3
  • AND NetworkManager-glib is signed with Red Hat redhatrelease2 key
  • NetworkManager-glib-devel is earlier than 1:0.8.1-9.el6_1.3
  • AND NetworkManager-glib-devel is signed with Red Hat redhatrelease2 key
  • NetworkManager-gnome is earlier than 1:0.8.1-9.el6_1.3
  • AND NetworkManager-gnome is signed with Red Hat redhatrelease2 key