LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

Synopsis:	Moderate: NetworkManager security update
Issue date:	2009-03-25
CVE Names:	CVE-2009-0365 CVE-2009-0578

An information disclosure flaw was found in NetworkManager's D-Bus
interface. A local attacker could leverage this flaw to discover 
sensitive information, such as network connection passwords and 
pre-shared keys. (CVE-2009-0365)

A potential denial of service flaw was found in NetworkManager's D-Bus
interface. A local user could leverage this flaw to modify local 
connection settings, preventing the system's network connection from 
functioning properly. (CVE-2009-0578)

SL 4.x

      SRPMS:
NetworkManager-0.3.1-5.el4.src.rpm
      i386:
NetworkManager-0.3.1-5.el4.i386.rpm
NetworkManager-gnome-0.3.1-5.el4.i386.rpm
      x86_64:
NetworkManager-0.3.1-5.el4.x86_64.rpm
NetworkManager-gnome-0.3.1-5.el4.x86_64.rpm

SL 5.x

      SRPMS:
NetworkManager-0.7.0-4.el5_3.src.rpm
      i386:
NetworkManager-0.7.0-4.el5_3.i386.rpm
NetworkManager-devel-0.7.0-4.el5_3.i386.rpm
NetworkManager-glib-0.7.0-4.el5_3.i386.rpm
NetworkManager-glib-devel-0.7.0-4.el5_3.i386.rpm
NetworkManager-gnome-0.7.0-4.el5_3.i386.rpm
      x86_64:
NetworkManager-0.7.0-4.el5_3.i386.rpm
NetworkManager-0.7.0-4.el5_3.x86_64.rpm
NetworkManager-devel-0.7.0-4.el5_3.i386.rpm
NetworkManager-devel-0.7.0-4.el5_3.x86_64.rpm
NetworkManager-glib-0.7.0-4.el5_3.i386.rpm
NetworkManager-glib-0.7.0-4.el5_3.x86_64.rpm
NetworkManager-glib-devel-0.7.0-4.el5_3.i386.rpm
NetworkManager-glib-devel-0.7.0-4.el5_3.x86_64.rpm
NetworkManager-gnome-0.7.0-4.el5_3.x86_64.rpm

-Connie Sieh
-Troy Dawson