Family: Fedora Local Security Checks --> Category: infos
Fedora Core 5 2007-068: mono Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the mono package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory FEDORA-2007-068 (mono).
The Mono runtime implements a JIT engine for the ECMA CLI
virtual machine (as well as a byte code interpreter, the
class loader, the garbage collector, threading system and
metadata access libraries.
A security problem was found and fixed in mono class
libraries that affects the Mono web server implementation.
By appending spaces to URLs attackers could download the
source code of ASP.net scripts that would normally get
executed by the web server.
After upgrading the packages you need to restart any running
mono web server.
Solution : Get the newest Fedora Updates
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.