This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
It was discovered that dbus-glib did not enforce the 'access' flag on
exported GObject properties. If such a property were read/write
internally but specified as read-only externally, a malicious, local
user could use this flaw to modify that property of an application.
Such a change could impact the application's behavior (for example, if
an IP address were changed the network may not come up properly after
reboot) and possibly lead to a denial of service. (CVE-2010-1172)
Due to the way dbus-glib translates an application's XML definitions
of service interfaces and properties into C code at application build
time, applications built against dbus-glib that use read-only
properties needed to be rebuilt to fully fix the flaw. As such, this
update provides NetworkManager packages that have been rebuilt against
the updated dbus-glib packages. No other applications shipped with
Scientific Linux 5 were affected.
Running instances of NetworkManager must be restarted (service
NetworkManager restart) for this update to take effect.
See also :
Update the affected packages.
Risk factor :
Low / CVSS Base Score : 3.6
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 60833 ()
CVE ID: CVE-2010-1172