Red Hat Product Errata RHSA-2009:0362 - Security Advisory

Issued:: 2009-03-25
Updated:: 2009-03-25

RHSA-2009:0362 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: NetworkManager security update

Type/Severity

Security Advisory: Moderate

Topic

Updated NetworkManager packages that fix a security issue are now available
for Red Hat Enterprise Linux 4.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Description

NetworkManager is a network link manager that attempts to keep a wired or
wireless network connection active at all times.

An information disclosure flaw was found in NetworkManager's D-Bus
interface. A local attacker could leverage this flaw to discover sensitive
information, such as network connection passwords and pre-shared keys.
(CVE-2009-0365)

Red Hat would like to thank Ludwig Nussel for responsibly reporting this
flaw.

NetworkManager users should upgrade to these updated packages, which
contain a backported patch that corrects this issue.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

Red Hat Enterprise Linux Server 4 x86_64
Red Hat Enterprise Linux Server 4 ia64
Red Hat Enterprise Linux Server 4 i386
Red Hat Enterprise Linux Server - Extended Update Support 4.7 x86_64
Red Hat Enterprise Linux Server - Extended Update Support 4.7 ia64
Red Hat Enterprise Linux Server - Extended Update Support 4.7 i386
Red Hat Enterprise Linux Workstation 4 x86_64
Red Hat Enterprise Linux Workstation 4 ia64
Red Hat Enterprise Linux Workstation 4 i386
Red Hat Enterprise Linux Desktop 4 x86_64
Red Hat Enterprise Linux Desktop 4 i386
Red Hat Enterprise Linux for Power, big endian 4 ppc
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.7 ppc

Fixes

BZ - 487722 - CVE-2009-0365 NetworkManager: GetSecrets disclosure

CVEs

CVE-2009-0365

References

http://www.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 4

SRPM
NetworkManager-0.3.1-5.el4.src.rpm	SHA-256: f8ac9ef7093be3ada14cba50ff498d12b8e6b794125592d6c6c13814865da283
x86_64
NetworkManager-0.3.1-5.el4.x86_64.rpm	SHA-256: 7d0811b660dadc3e6143d13d8982d134118a65bf8d353dbbcc67601cfc4260c8
NetworkManager-0.3.1-5.el4.x86_64.rpm	SHA-256: 7d0811b660dadc3e6143d13d8982d134118a65bf8d353dbbcc67601cfc4260c8
NetworkManager-gnome-0.3.1-5.el4.x86_64.rpm	SHA-256: db00eab9e854277a6ecef7c17def9d490171aa4039e5e017b4d16a9cf5740685
NetworkManager-gnome-0.3.1-5.el4.x86_64.rpm	SHA-256: db00eab9e854277a6ecef7c17def9d490171aa4039e5e017b4d16a9cf5740685
ia64
NetworkManager-0.3.1-5.el4.ia64.rpm	SHA-256: f107439af838655bef0a0742bef2163b466200ad226e30795cdd0a578a8b9565
NetworkManager-0.3.1-5.el4.ia64.rpm	SHA-256: f107439af838655bef0a0742bef2163b466200ad226e30795cdd0a578a8b9565
NetworkManager-gnome-0.3.1-5.el4.ia64.rpm	SHA-256: cf5b70156d628ed3ec2ba8367d275d8a707d10e504a8f44f012b9754e1aa7a4f
NetworkManager-gnome-0.3.1-5.el4.ia64.rpm	SHA-256: cf5b70156d628ed3ec2ba8367d275d8a707d10e504a8f44f012b9754e1aa7a4f
i386
NetworkManager-0.3.1-5.el4.i386.rpm	SHA-256: 3fec951263c926fbd0d2d0b2d131e9259cf300a21d9594ed66426f98287d710d
NetworkManager-0.3.1-5.el4.i386.rpm	SHA-256: 3fec951263c926fbd0d2d0b2d131e9259cf300a21d9594ed66426f98287d710d
NetworkManager-gnome-0.3.1-5.el4.i386.rpm	SHA-256: 788deb482a93febcc9f26dfd2063da8a415d9cfbfcd8ff474a60f1c9b641da58
NetworkManager-gnome-0.3.1-5.el4.i386.rpm	SHA-256: 788deb482a93febcc9f26dfd2063da8a415d9cfbfcd8ff474a60f1c9b641da58

Red Hat Enterprise Linux Server - Extended Update Support 4.7

SRPM
NetworkManager-0.3.1-5.el4.src.rpm	SHA-256: f8ac9ef7093be3ada14cba50ff498d12b8e6b794125592d6c6c13814865da283
x86_64
NetworkManager-0.3.1-5.el4.x86_64.rpm	SHA-256: 7d0811b660dadc3e6143d13d8982d134118a65bf8d353dbbcc67601cfc4260c8
NetworkManager-0.3.1-5.el4.x86_64.rpm	SHA-256: 7d0811b660dadc3e6143d13d8982d134118a65bf8d353dbbcc67601cfc4260c8
NetworkManager-gnome-0.3.1-5.el4.x86_64.rpm	SHA-256: db00eab9e854277a6ecef7c17def9d490171aa4039e5e017b4d16a9cf5740685
NetworkManager-gnome-0.3.1-5.el4.x86_64.rpm	SHA-256: db00eab9e854277a6ecef7c17def9d490171aa4039e5e017b4d16a9cf5740685
ia64
NetworkManager-0.3.1-5.el4.ia64.rpm	SHA-256: f107439af838655bef0a0742bef2163b466200ad226e30795cdd0a578a8b9565
NetworkManager-0.3.1-5.el4.ia64.rpm	SHA-256: f107439af838655bef0a0742bef2163b466200ad226e30795cdd0a578a8b9565
NetworkManager-gnome-0.3.1-5.el4.ia64.rpm	SHA-256: cf5b70156d628ed3ec2ba8367d275d8a707d10e504a8f44f012b9754e1aa7a4f
NetworkManager-gnome-0.3.1-5.el4.ia64.rpm	SHA-256: cf5b70156d628ed3ec2ba8367d275d8a707d10e504a8f44f012b9754e1aa7a4f
i386
NetworkManager-0.3.1-5.el4.i386.rpm	SHA-256: 3fec951263c926fbd0d2d0b2d131e9259cf300a21d9594ed66426f98287d710d
NetworkManager-0.3.1-5.el4.i386.rpm	SHA-256: 3fec951263c926fbd0d2d0b2d131e9259cf300a21d9594ed66426f98287d710d
NetworkManager-gnome-0.3.1-5.el4.i386.rpm	SHA-256: 788deb482a93febcc9f26dfd2063da8a415d9cfbfcd8ff474a60f1c9b641da58
NetworkManager-gnome-0.3.1-5.el4.i386.rpm	SHA-256: 788deb482a93febcc9f26dfd2063da8a415d9cfbfcd8ff474a60f1c9b641da58

Red Hat Enterprise Linux Workstation 4

SRPM
NetworkManager-0.3.1-5.el4.src.rpm	SHA-256: f8ac9ef7093be3ada14cba50ff498d12b8e6b794125592d6c6c13814865da283
x86_64
NetworkManager-0.3.1-5.el4.x86_64.rpm	SHA-256: 7d0811b660dadc3e6143d13d8982d134118a65bf8d353dbbcc67601cfc4260c8
NetworkManager-gnome-0.3.1-5.el4.x86_64.rpm	SHA-256: db00eab9e854277a6ecef7c17def9d490171aa4039e5e017b4d16a9cf5740685
ia64
NetworkManager-0.3.1-5.el4.ia64.rpm	SHA-256: f107439af838655bef0a0742bef2163b466200ad226e30795cdd0a578a8b9565
NetworkManager-gnome-0.3.1-5.el4.ia64.rpm	SHA-256: cf5b70156d628ed3ec2ba8367d275d8a707d10e504a8f44f012b9754e1aa7a4f
i386
NetworkManager-0.3.1-5.el4.i386.rpm	SHA-256: 3fec951263c926fbd0d2d0b2d131e9259cf300a21d9594ed66426f98287d710d
NetworkManager-gnome-0.3.1-5.el4.i386.rpm	SHA-256: 788deb482a93febcc9f26dfd2063da8a415d9cfbfcd8ff474a60f1c9b641da58

Red Hat Enterprise Linux Desktop 4

SRPM
NetworkManager-0.3.1-5.el4.src.rpm	SHA-256: f8ac9ef7093be3ada14cba50ff498d12b8e6b794125592d6c6c13814865da283
x86_64
NetworkManager-0.3.1-5.el4.x86_64.rpm	SHA-256: 7d0811b660dadc3e6143d13d8982d134118a65bf8d353dbbcc67601cfc4260c8
NetworkManager-gnome-0.3.1-5.el4.x86_64.rpm	SHA-256: db00eab9e854277a6ecef7c17def9d490171aa4039e5e017b4d16a9cf5740685
i386
NetworkManager-0.3.1-5.el4.i386.rpm	SHA-256: 3fec951263c926fbd0d2d0b2d131e9259cf300a21d9594ed66426f98287d710d
NetworkManager-gnome-0.3.1-5.el4.i386.rpm	SHA-256: 788deb482a93febcc9f26dfd2063da8a415d9cfbfcd8ff474a60f1c9b641da58

Red Hat Enterprise Linux for Power, big endian 4

SRPM
NetworkManager-0.3.1-5.el4.src.rpm	SHA-256: f8ac9ef7093be3ada14cba50ff498d12b8e6b794125592d6c6c13814865da283
ppc
NetworkManager-0.3.1-5.el4.ppc.rpm	SHA-256: 843aa9691fbd2b5f0ee47ca24c6c3538a17377c460b9d50b44028726ae049b60
NetworkManager-gnome-0.3.1-5.el4.ppc.rpm	SHA-256: dd2a39c674ec238b08065d9bb8b8bc8e6cb9b92da03ef2a59695eef3a54df3fa

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.7

SRPM
NetworkManager-0.3.1-5.el4.src.rpm	SHA-256: f8ac9ef7093be3ada14cba50ff498d12b8e6b794125592d6c6c13814865da283
ppc
NetworkManager-0.3.1-5.el4.ppc.rpm	SHA-256: 843aa9691fbd2b5f0ee47ca24c6c3538a17377c460b9d50b44028726ae049b60
NetworkManager-gnome-0.3.1-5.el4.ppc.rpm	SHA-256: dd2a39c674ec238b08065d9bb8b8bc8e6cb9b92da03ef2a59695eef3a54df3fa

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories