|
Family: SuSE Local Security Checks --> Category: infos
SUSE-SA:2006:073: mono-core Vulnerability Scan
Vulnerability Scan Summary Check for the version of the mono-core package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory SUSE-SA:2006:073 (mono-core).
Sebastian Krahmer of SUSE Security found that the Mono
System.Xml.Serialization class contained a /tmp race which potentially
allows local attackers to execute code as the user using the
Serialization method.
This is tracked by the Mitre CVE ID CVE-2006-5072.
Packages for all affected distributions were released on November 10th,
and for SLE 10 on November 27th.
Solution : http://www.suse.de/security/http://www.novell.com/linux/security/advisories/2006_73_mono.html
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|