This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Redhat First view 2011-07-21
Product System-Config-Firewall Last view 2011-07-21
Version 1.2.27 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:redhat:system-config-firewall

Activity : Overall

Related : CVE

  Date Alert Description
7.8 2011-07-21 CVE-2011-2520

fw_dbus.py in system-config-firewall 1.2.29 and earlier uses the pickle Python module unsafely during D-Bus communication between the GUI and the backend, which might allow local users to gain privileges via a crafted serialized object.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-502 Deserialization of Untrusted Data

Open Source Vulnerability Database (OSVDB)

id Description
73976 system-config-firewall fw_dbus.py pickle Python Module Serialized Object Loca...

OpenVAS Exploits

id Description
2012-06-06 Name : RedHat Update for system-config-firewall RHSA-2011:0953-01
File : nvt/gb_RHSA-2011_0953-01_system-config-firewall.nasl
2011-08-12 Name : Fedora Update for system-config-firewall FEDORA-2011-9652
File : nvt/gb_fedora_2011_9652_system-config-firewall_fc15.nasl

Nessus® Vulnerability Scanner

id Description
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2011-0953.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20110718_system_config_firewall_on_SL6_x.nasl - Type: ACT_GATHER_INFO
2011-08-02 Name: The remote Fedora host is missing a security update.
File: fedora_2011-9652.nasl - Type: ACT_GATHER_INFO
2011-07-19 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2011-0953.nasl - Type: ACT_GATHER_INFO