SUSE-SA:2006:073: mono-core

Medium Nessus Plugin ID 24450


The remote host is missing a vendor-supplied security patch


The remote host is missing the patch for the advisory SUSE-SA:2006:073 (mono-core).

Sebastian Krahmer of SUSE Security found that the Mono System.Xml.Serialization class contained a /tmp race which potentially allows local attackers to execute code as the user using the Serialization method.

This is tracked by the Mitre CVE ID CVE-2006-5072.

Packages for all affected distributions were released on November 10th, and for SLE 10 on November 27th.


Plugin Details

Severity: Medium

ID: 24450

File Name: suse_SA_2006_073.nasl

Version: $Revision: 1.5 $

Agent: unix

Published: 2007/02/18

Dependencies: 12634

Risk Information

Risk Factor: Medium

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list