OracleVM 2.1 : acpid (OVMSA-2009-0008)
Medium Nessus Plugin ID 79455
SynopsisThe remote OracleVM host is missing a security update.
DescriptionThe remote OracleVM system is missing necessary patches to address critical security updates :
The daemon in acpid before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connectivity loss) by opening a large number of UNIX sockets without closing them, which triggers an infinite loop.
- Updated the License entry
- Fixed CVE-2009-0798 (too many open files DoS)
- Resolves: #496291
- Minor fixes in init script
- Resolves: #237752
- Review of init script
- Fixed fd leaking
- Resolves: #237752 #441686
SolutionUpdate the affected acpid package.