Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.9
CVSSv2

CVE-2012-2095

Published: 07/04/2014 Updated: 08/04/2014
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4
VMScore: 695
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Fedoraproject

Vulnerability Summary

The SetWiredProperty function in the D-Bus interface in WICD prior to 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message.

Vulnerable Product Search on Vulmon Subscribe to Product

fedoraproject fedora 15

david paleino wicd 1.5.3

david paleino wicd 1.5.2

david paleino wicd 1.5.1

david paleino wicd 1.5.0

fedoraproject fedora 16

david paleino wicd

david paleino wicd 1.5.6

david paleino wicd 1.5.4

david paleino wicd 1.4.2

david paleino wicd 1.4.0

david paleino wicd 1.7.0

david paleino wicd 1.6.2

david paleino wicd 1.6.0

david paleino wicd 1.5.9

david paleino wicd 1.5.8

david paleino wicd 1.2.7

fedoraproject fedora 17

david paleino wicd 1.7.1

david paleino wicd 1.5.7

david paleino wicd 1.5.5

david paleino wicd 1.4.1

david paleino wicd 1.3.1

Vendor Advisories

Debian CVElist Bug Report Logs: wicd: Local privilege escalation
Debian Bug report logs - #668397 wicd: Local privilege escalation Package: wicd; Maintainer for wicd is Debian WICD Packaging Team <pkg-wicd-maint@listsaliothdebianorg>; Source for wicd is src:wicd (PTS, buildd, popcon) Reported by: Arno Töll <arno@debianorg> Date: Wed, 11 Apr 2012 15:30:04 UTC Severity: critic ...

Exploits

Exploit DB: WICD 1.7.1 - Local Privilege Escalation
#!/usr/bin/python #wicd <= 171 0day exploit discovered on 4912 by InfoSec Institute student #For full write up and description go to wwwinfosecinstitutecom/courses/ethical_hacking_traininghtml import sys import os import time import getopt try: from wicd import dbusmanager except: print "[!] WICD Error: libraries are not availab ...

References

CWE-20http://www.openwall.com/lists/oss-security/2012/04/11/3http://www.gentoo.org/security/en/glsa/glsa-201206-08.xmlhttp://bazaar.launchpad.net/~wicd-devel/wicd/experimental/revision/751http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668397https://launchpad.net/wicd/+announcement/9888http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079055.htmlhttp://secunia.com/advisories/48759http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079025.htmlhttp://secunia.com/advisories/49657http://www.infosecinstitute.com/courses/ethical-hacking-wicd-0day.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2012-April/079029.htmlhttp://www.exploit-db.com/exploits/18733http://www.openwall.com/lists/oss-security/2012/04/11/2http://www.securityfocus.com/bid/52987https://bugs.launchpad.net/wicd/+bug/979221https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668397https://nvd.nist.govhttps://www.exploit-db.com/exploits/18733/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook