Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Red Hat Local Security Checks >> RHSA-2004-373: gnome


Vulnerability Assessment Details

RHSA-2004-373: gnome

Vulnerability Assessment Summary
Check for the version of the gnome packages

Detailed Explanation for this Vulnerability Assessment


Updated GNOME VFS packages that remove potential extfs-related
vulnerabilities are now available.

GNOME VFS is the GNOME virtual file system. It provides a modular
architecture and ships with several modules that implement support for file
systems, HTTP, FTP, and others. The extfs backends make it possible to
implement file systems for GNOME VFS using scripts.

Flaws have been found in several of the GNOME VFS extfs backend scripts.
Red Hat Enterprise Linux ships with vulnerable scripts, but they are not
used by default. A possible hacker who is able to influence a user to open a
specially-crafted URI using gnome-vfs could perform actions as that user.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2004-0494 to this issue.

Users of Red Hat Enterprise Linux should upgrade to these updated packages,
which remove these unused scripts.




Solution : http://rhn.redhat.com/errata/RHSA-2004-373.html
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security

Cables, Connectors

Dell PowerEdge R720 2x E5-2650 v2 2.6Ghz 8 Core 192GB 8x 3TB 7.2K SAS H710
$4100.0
Dell PowerEdge R720 2x E5-2650 v2 2.6Ghz 8 Core 192GB 8x 3TB 7.2K SAS H710 pictureINTEL XEON SIX-CORE W3680 3.33ghz SLBV2 12M 6.40 LGA1366
$120.0
INTEL XEON SIX-CORE W3680 3.33ghz SLBV2 12M 6.40 LGA1366 pictureIntel Xeon E5-2630L 2GHz LGA 2011 SR0KM 6-Cores 12-Threads 15M Cache 60W CPU
$34.95
Intel Xeon E5-2630L 2GHz LGA 2011 SR0KM 6-Cores 12-Threads 15M Cache 60W CPU pictureIntel Xeon Gaming Mid Tower PC
$700.0
Intel Xeon Gaming Mid Tower PC picture


Discussions

No Discussions have been posted on this vulnerability.