SalvusAlert : openSUSE Security Update: NetworkManager-gnome

Summary: NetworkManager-gnome has an update to fix vulerability with MITM attacks


Information At A Glance
Source	Version/Dependency	Developer	Severity
OpenSUSE.Org	openSUSE 11.3 and 11.4	OpenSUSE.org	moderate
Summary OpenSUSE is reporting that “NetworkManager did not pin a certificate’s subject to an ESSID. A rogue access point could therefore be used to conduct MITM attacks by using any other valid certificate issued by same CA as used in the original network (CVE-2006-7246). Please note that existing WPA2 Enterprise connections need to be deleted and re-created to take advantage of the new security checks.“ Additional information available at OpenSUSE.org. Fix Apply patches that are now available and follow additional instructions. Source Please see this post for complete patch instructions. Reported by: OpenSUSE.org, announcement ID openSUSE-SU-2012:0101-1

Advertisement: Special Offer – Get Your First 3 Months at Audible.com for $7.49/month!

Disclaimer: Salvus Alerting provides timely industry related information to its subscriber community and visitors for informational purposes only and makes every effort to distribute accurate and reliable information. Any information provided, is considered “as-is” and the subscriber and/or visitor assumes all responsibility for its uses. Salvus Alerting disclaims all warranties with regard to the information being provided, including all implied warranties of merchantability and fitness. In no event shall Salvus Alerting be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other legal action, arising out of or in connection with the use or performance of this information being provided. Salvus Systems and Salvus Alerting is a wholly owned and operated by FactNgN, LLC.