RedHat Security Advisory RHSA-2009:0474 Network Vulnerability

Summary

The remote host is missing updates announced in advisory RHSA-2009:0474. acpid is a daemon that dispatches ACPI (Advanced Configuration and Power Interface) events to user-space programs. Anthony de Almeida Lopes of Outpost24 AB reported a denial of service flaw in the acpid daemon's error handling. If an attacker could exhaust the sockets open to acpid, the daemon would enter an infinite loop, consuming most CPU resources and preventing acpid from communicating with legitimate processes. (CVE-2009-0798) Users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.

Solution

Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date

References

http://rhn.redhat.com/errata/RHSA-2009-0474.html

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-0798

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

RedHat Security Advisory RHSA-2009:1040
RedHat Update for 389-ds-base RHSA-2013:1119-01
RedHat Security Advisory RHSA-2009:1066
RedHat Security Advisory RHSA-2009:1039
RedHat Security Advisory RHSA-2009:1646

Take action and discover your vulnerabilities