Family: Red Hat Local Security Checks --> Category: infos
RHSA-2004-373: gnome Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the gnome packages
Detailed Explanation for this Vulnerability Test
Updated GNOME VFS packages that remove potential extfs-related
vulnerabilities are now available.
GNOME VFS is the GNOME virtual file system. It provides a modular
architecture and ships with several modules that implement support for file
systems, HTTP, FTP, and others. The extfs backends make it possible to
implement file systems for GNOME VFS using scripts.
Flaws have been found in several of the GNOME VFS extfs backend scripts.
Red Hat Enterprise Linux ships with vulnerable scripts, but they are not
used by default. A possible hacker who is able to influence a user to open a
specially-crafted URI using gnome-vfs could perform actions as that user.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2004-0494 to this issue.
Users of Red Hat Enterprise Linux should upgrade to these updated packages,
which remove these unused scripts.
Solution : http://rhn.redhat.com/errata/RHSA-2004-373.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.