Fedora 10: 2009-8799 Moderate: OCS Inventory SQL Injection Risk
fedora
August 20, 2009
A security issue has been found in GUI
https://seclists.org/fulldisclosure/2009/Aug/143
Summary
Open Computer and Software Inventory Next Generation is an application
designed to help a network or system administrator keep track of the
computers configuration and software that are installed on the network.
OCS Inventory is also able to detect all active devices on your network,
such as switch, router, network printer and unattended devices.
OCS Inventory NG includes package deployment feature on client computers.
ocsinventory is a metapackage that will install the communication server,
the administration console and the database server (MySQL).
Update Information:
A security issue has been found in GUI https://seclists.org/fulldisclosure/2009/Aug/143
Topics Covered
Change Log
* Mon Aug 17 2009 Remi Collet
References
[ 1 ] Bug #517837 - OCS Inventory NG: SQL injection in machine blacklisting
https://bugzilla.redhat.com/show_bug.cgi?id=517837
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update ocsinventory' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: ocsinventory
Product: Fedora 10
Version: 1.02.1
Release: 3.fc10
Summary: Open Computer and Software Inventory Next Generation
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!