This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
CVE Numbers: CVE-2011-3364
NetworkManager is a network link manager that attempts to keep a wired
wireless network connection active at all times. The ifcfg-rh
NetworkManager plug-in is used in Scientific Linux distributions to
read and write configuration information from the
An input sanitization flaw was found in the way the ifcfg-rh
plug-in escaped network connection names containing special
PolicyKit was configured to allow local, unprivileged users to create
save new network connections, they could create a connection with a
specially crafted name, leading to the escalation of their privileges.
Note: By default, PolicyKit prevents unprivileged users from creating
saving network connections. (CVE-2011-3364)
Users of NetworkManager should upgrade to these updated packages,
contain a backported patch to correct this issue. Running instances of
NetworkManager must be restarted ('service NetworkManager restart')
this update to take effect.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 6.9
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 61142 ()
CVE ID: CVE-2011-3364
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.