Published: 05/03/2009 Updated: 29/09/2017

CVSS v2 Base Score: 6.2 | Impact Score: 9.2 | Exploitability Score: 3.1

VMScore: 552

Vector: AV:L/AC:L/Au:S/C:N/I:C/A:C

GNOME NetworkManager prior to 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors related to org.freedesktop.NetworkManagerUserSettings and at_console.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ubuntu ubuntu linux 8.10

Synopsis Moderate: NetworkManager security update Type/Severity Security Advisory: Moderate Topic Updated NetworkManager packages that fix two security issues are nowavailable for Red Hat Enterprise Linux 5This update has been rated as having moderate security impact by the RedHat Security Response Team ...

Debian Bug report logs - #519801 CVE-2009-0365, CVE-2009-0578 Package: network-manager-applet; Maintainer for network-manager-applet is Utopia Maintenance Team <pkg-utopia-maintainers@listsaliothdebianorg>; Reported by: Giuseppe Iuculano <giuseppe@iuculanoit> Date: Sun, 15 Mar 2009 10:42:01 UTC Severity: serious ...

It was discovered that network-manager-applet did not properly enforce permissions when responding to dbus requests A local user could perform dbus queries to view other users’ network connection passwords and pre-shared keys (CVE-2009-0365) ...

CWE-264 http://www.ubuntu.com/usn/USN-727-1 http://www.securityfocus.com/bid/33966 http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html http://www.securitytracker.com/id?1021909 http://www.redhat.com/support/errata/RHSA-2009-0361.html https://bugzilla.redhat.com/show_bug.cgi?id=487752 http://secunia.com/advisories/34473 http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html http://secunia.com/advisories/34067 https://exchange.xforce.ibmcloud.com/vulnerabilities/49063 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8931 https://access.redhat.com/errata/RHSA-2009:0361 https://usn.ubuntu.com/727-1/https://nvd.nist.gov

CVE-2009-0578

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect