Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Fedora Core 11 FEDORA-2009-10539 (perl-Net-OAuth)

Information

Severity

Severity

High

Family

Family

Fedora Local Security Checks

CVSSv2 Base

CVSSv2 Base

8.3

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:P/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

12 years ago

Modified

Modified

5 years ago

Summary

The remote host is missing an update to perl-Net-OAuth announced via advisory FEDORA-2009-10539.

Insight

Insight

Update Information: A session fixation vulnerability was discovered in OAuth protocol 1.0. Perl OAuth bindings were updated to support the new version of the OAauth protocol that was issued to address the vulnerability. All OAuth users are strongly advised to update to this updated package and protocol version 1.0a which fixes the vulnerability. Upstream advisory: http://oauth.net/advisories/2009-1 ChangeLog: * Tue Oct 13 2009 Lubomir Rintel (Good Data) - 0.19-1 - Update to 0.19, fixes security issue (2009.1) * Sun Jul 26 2009 Fedora Release Engineering - 0.14-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

Solution

Solution

Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update perl-Net-OAuth' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-10539