|
|
Family: Fedora Local Security Checks --> Category: infos
Fedora Core 3 2005-1054: lm_sensors Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the lm_sensors package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory FEDORA-2005-1054 (lm_sensors).
The lm_sensors package includes a collection of modules for general SMBus
access and hardware monitoring. NOTE: this requires special support which
is not in standard 2.2-vintage kernels.
Update Information:
The lm_sensors package includes a collection of modules for
general SMBus access and hardware monitoring. NOTE: this
package requires special support which is not in standard
2.2-vintage kernels.
A bug was found in the pwmconfig tool which uses temporary
files in an insecure manner. The pwconfig tool writes a
configuration file which may be world readable for a short
period of time. This file contains various information about
the setup of lm_sensors on that machine. It could be
modified within the short window to contain configuration
data that would either render lm_sensors unusable or in the
worst case even hang the machine resulting in a DoS. The
Common Vulnerabilities and Exposures project has assigned
the name CVE-2005-2672 to this issue.
Users of lm_sensors are advised to upgrade to these updated
packages, which contain a patch which resolves this issue.
Solution : Get the newest Fedora Updates
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
