This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
CVE Numbers: CVE-2011-3364
NetworkManager is a network link manager that attempts to keep a wired
wireless network connection active at all times. The ifcfg-rh
NetworkManager plug-in is used in Scientific Linux distributions to
read and write configuration information from the
An input sanitization flaw was found in the way the ifcfg-rh
plug-in escaped network connection names containing special
PolicyKit was configured to allow local, unprivileged users to create
save new network connections, they could create a connection with a
specially-crafted name, leading to the escalation of their privileges.
Note: By default, PolicyKit prevents unprivileged users from creating
saving network connections. (CVE-2011-3364)
Users of NetworkManager should upgrade to these updated packages,
contain a backported patch to correct this issue. Running instances of
NetworkManager must be restarted ('service NetworkManager restart')
this update to take effect.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 6.9
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 61142 ()
CVE ID: CVE-2011-3364