RedHat Update For Libsoup RHSA-2011:1102-01 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

libsoup is an HTTP client/library implementation for GNOME. A directory traversal flaw was found in libsoup's SoupServer. If an application used SoupServer to implement an HTTP service, a remote attacker who is able to connect to that service could use this flaw to access any local files accessible to that application via a specially-crafted request. (CVE-2011-2524) All users of libsoup should upgrade to these updated packages, which contain a backported patch to resolve this issue. All running applications using libsoup's SoupServer must be restarted for the update to take effect.

Affected

libsoup on Red Hat Enterprise Linux Desktop (v. 6), Red Hat Enterprise Linux Server (v. 6), Red Hat Enterprise Linux Workstation (v. 6)

References

https://www.redhat.com/archives/rhsa-announce/2011-July/msg00033.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-2524

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

RedHat Security Advisory RHSA-2009:1595
RedHat Security Advisory RHSA-2009:1615
RedHat Security Advisory RHSA-2009:1180
RedHat Security Advisory RHSA-2009:0020
RedHat Security Advisory RHSA-2009:1083

RedHat Update for libsoup RHSA-2011:1102-01

Take action and discover your vulnerabilities