oval:org.mitre.oval:def:21932

Definition Id: oval:org.mitre.oval:def:21932

Oval ID:	oval:org.mitre.oval:def:21932
Title:	RHSA-2011:1338: NetworkManager security update (Moderate)
Description:	Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when PolicyKit is configured to allow users to create new connections, allows local users to execute arbitrary commands via a newline character in the name for a new network connection, which is not properly handled when writing to the ifcfg file.
Family:	unix	Class:	patch
Reference(s):	RHSA-2011:1338-01 CVE-2011-3364	Version:	4
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	NetworkManager
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section NetworkManager is earlier than 1:0.8.1-9.el6_1.3 AND NetworkManager-devel is earlier than 1:0.8.1-9.el6_1.3 AND NetworkManager-gnome is earlier than 1:0.8.1-9.el6_1.3 AND NetworkManager-glib is earlier than 1:0.8.1-9.el6_1.3 AND NetworkManager-glib-devel is earlier than 1:0.8.1-9.el6_1.3

Definition Id: oval:org.mitre.oval:def:20273

Oval ID:	oval:org.mitre.oval:def:20273
Title:	The operating system installed on the system is Red Hat Enterprise Linux 6
Description:	The operating system installed on the system is Red Hat Enterprise Linux 6.
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:redhat:enterprise_linux:6	Version:	6
Platform(s):	Red Hat Enterprise Linux 6	Product(s):
Definition Synopsis:
Red Hat Enterprise 6 is installed AND NOT Oracle Linux 6.x is installed
Referenced By:
oval:org.mitre.oval:def:21932