Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CentOS Update for dbus-glib CESA-2010:0616 centos5 i386

Information

Severity

Severity

Low

Family

Family

CentOS Local Security Checks

CVSSv2 Base

CVSSv2 Base

3.6

CVSSv2 Vector

CVSSv2 Vector

AV:L/AC:L/Au:N/C:N/I:P/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

12 years ago

Modified

Modified

5 years ago

Summary

The remote host is missing an update for the 'dbus-glib' package(s) announced via the referenced advisory.

Insight

Insight

dbus-glib is an add-on library to integrate the standard D-Bus library with the GLib main loop and threading model. NetworkManager is a network link manager that attempts to keep a wired or wireless network connection active at all times. It was discovered that dbus-glib did not enforce the 'access' flag on exported GObject properties. If such a property were read/write internally but specified as read-only externally, a malicious, local user could use this flaw to modify that property of an application. Such a change could impact the application's behavior (for example, if an IP address were changed the network may not come up properly after reboot) and possibly lead to a denial of service. (CVE-2010-1172) Due to the way dbus-glib translates an application's XML definitions of service interfaces and properties into C code at application build time, applications built against dbus-glib that use read-only properties needed to be rebuilt to fully fix the flaw. As such, this update provides NetworkManager packages that have been rebuilt against the updated dbus-glib packages. No other applications shipped with Red Hat Enterprise Linux 5 were affected. All dbus-glib and NetworkManager users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. Running instances of NetworkManager must be restarted (service NetworkManager restart) for this update to take effect.

Affected Software

Affected Software

dbus-glib on CentOS 5

Solution

Solution

Please install the updated packages.

Common Vulnerabilities and Exposures (CVE)