Fedora 13 : libcgroup-0.35.1-5.fc13 (2011-2570)

This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

Two security bugs were fixed in this release :

- CVE-2011-1006: Heap-based buffer overflow by converting
list of controllers for given task into an array of
strings

- CVE-2011-1022: Unchecked origin of NETLINK messages

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=678107
https://bugzilla.redhat.com/show_bug.cgi?id=680409
http://www.nessus.org/u?4a22ea1a

Solution :

Update the affected libcgroup package.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 5.3
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Fedora Local Security Checks

Nessus Plugin ID: 54834 ()

Bugtraq ID: 46578
46729

CVE ID: CVE-2011-1006
CVE-2011-1022