openSUSE Security Update : hal (hal-721)

This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The dbus package used a too permissive configuration. Therefore
intended access control for some services was not applied
(CVE-2008-4311).

The new configuration denies access by default. Some dbus services
like hal break due to this setting and need an updated configuration
as well. The dbus configuration in the previous hal update was
incomplete so this is the second attempt to fix the problem.

See also :

https://bugzilla.novell.com/show_bug.cgi?id=443307
https://bugzilla.novell.com/show_bug.cgi?id=469775
https://bugzilla.novell.com/show_bug.cgi?id=491320

Solution :

Update the affected hal packages.

Risk factor :

Medium / CVSS Base Score : 4.6
(CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 39983 ()

Bugtraq ID:

CVE ID: CVE-2008-4311

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now