Описание
ELSA-2011-1338: NetworkManager security update (MODERATE)
[0.8.1-9_el6_1.3]
- ifcfg-rh: CVE-2011-3364: filter newline characters when writing into ifcfg-* files (rh #737338)
[0.8.1-9_el6_1.2]
- ifcfg-rh: CVE-2011-3364: filter newline characters when writing into ifcfg-* files (rh #737338)
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
NetworkManager
0.8.1-9.el6_1.3
NetworkManager-devel
0.8.1-9.el6_1.3
NetworkManager-glib
0.8.1-9.el6_1.3
NetworkManager-glib-devel
0.8.1-9.el6_1.3
NetworkManager-gnome
0.8.1-9.el6_1.3
Oracle Linux i686
NetworkManager
0.8.1-9.el6_1.3
NetworkManager-devel
0.8.1-9.el6_1.3
NetworkManager-glib
0.8.1-9.el6_1.3
NetworkManager-glib-devel
0.8.1-9.el6_1.3
NetworkManager-gnome
0.8.1-9.el6_1.3
Связанные CVE
Связанные уязвимости
Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when PolicyKit is configured to allow users to create new connections, allows local users to execute arbitrary commands via a newline character in the name for a new network connection, which is not properly handled when writing to the ifcfg file.
Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when PolicyKit is configured to allow users to create new connections, allows local users to execute arbitrary commands via a newline character in the name for a new network connection, which is not properly handled when writing to the ifcfg file.
Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when PolicyKit is configured to allow users to create new connections, allows local users to execute arbitrary commands via a newline character in the name for a new network connection, which is not properly handled when writing to the ifcfg file.
Incomplete blacklist vulnerability in the svEscape function in setting ...
Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when PolicyKit is configured to allow users to create new connections, allows local users to execute arbitrary commands via a newline character in the name for a new network connection, which is not properly handled when writing to the ifcfg file.