CentOS Update For NetworkManager CESA-2009:0361 Centos5 I386 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

NetworkManager is a network link manager that attempts to keep a wired or wireless network connection active at all times. An information disclosure flaw was found in NetworkManager's D-Bus interface. A local attacker could leverage this flaw to discover sensitive information, such as network connection passwords and pre-shared keys. (CVE-2009-0365) A potential denial of service flaw was found in NetworkManager's D-Bus interface. A local user could leverage this flaw to modify local connection settings, preventing the system's network connection from functioning properly. (CVE-2009-0578) Red Hat would like to thank Ludwig Nussel for reporting these flaws responsibly. Users of NetworkManager should upgrade to these updated packages which contain backported patches to correct these issues.

Affected

NetworkManager on CentOS 5

References

http://lists.centos.org/pipermail/centos-announce/2009-April/015742.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-0365, CVE-2009-0578
CVSS Base Score: 6.2
AV:L/AC:L/Au:S/C:N/I:C/A:C

Related Vulnerabilities

CentOS Update for NetworkManager CESA-2009:0361 centos5 i386

Take action and discover your vulnerabilities