SuSE 11 Security Update : dbus (SAT Patch Number 726)

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

The dbus package used a too permissive configuration. Therefore
intended access control for some services was not applied.
(CVE-2008-4311)

The new configuration denies access by default. Some dbus services may
break due to this setting and need an updated configuration as well.

With the previous update wireless networking didn't work anymore on
some machines due to stale files in /var/run/dbus/at_console. The dbus
init script now cleans up that directory on boot.

See also :

https://bugzilla.novell.com/show_bug.cgi?id=443307
https://bugzilla.novell.com/show_bug.cgi?id=486267
http://support.novell.com/security/cve/CVE-2008-4311.html

Solution :

Apply SAT patch number 726.

Risk factor :

Medium / CVSS Base Score : 4.6
(CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 41382 ()

Bugtraq ID:

CVE ID: CVE-2008-4311

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now