oval:org.mitre.oval:def:23284

Definition Id: oval:org.mitre.oval:def:23284

Oval ID:	oval:org.mitre.oval:def:23284
Title:	ELSA-2011:1338: NetworkManager security update (Moderate)
Description:	Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when PolicyKit is configured to allow users to create new connections, allows local users to execute arbitrary commands via a newline character in the name for a new network connection, which is not properly handled when writing to the ifcfg file.
Family:	unix	Class:	patch
Reference(s):	ELSA-2011:1338-01 CVE-2011-3364	Version:	6
Platform(s):	Oracle Linux 6	Product(s):	NetworkManager
Definition Synopsis:
Oracle Linux 6.x rpm test NetworkManager is earlier than 1:0.8.1-9.el6_1.3 AND NetworkManager-devel is earlier than 1:0.8.1-9.el6_1.3 AND NetworkManager-gnome is earlier than 1:0.8.1-9.el6_1.3 AND NetworkManager-glib is earlier than 1:0.8.1-9.el6_1.3 AND NetworkManager-glib-devel is earlier than 1:0.8.1-9.el6_1.3

Definition Id: oval:org.mitre.oval:def:16594

Oval ID:	oval:org.mitre.oval:def:16594
Title:	Oracle Linux 6.x
Description:	The operating system installed on the system is Oracle Linux 6.x
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:oracle:linux:6	Version:	5
Platform(s):	Oracle Linux 6	Product(s):
Definition Synopsis:
the installed operating system is part of the Unix family AND Oracle Linux 6.x is installed
Referenced By:
oval:org.mitre.oval:def:23284