Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0578

Overview

Vulnerability Score 6.2 6.2
CVE Id CVE-2009-0578
Last Modified 21 Aug 2010 01:30:34
Published 04 Mar 2009 09:30:00
Confidentiality Impact NONE NONE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2009-0578

Summary

GNOME NetworkManager before 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors related to org.freedesktop.NetworkManagerUserSettings and at_console.

Vulnerable Systems

Operating System

  • Ubuntu Linux 8.10


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=487752

XF - networkmanager-dbus-security-bypass(49063)

UBUNTU - USN-727-1

SECTRACK - 1021909

BID - 33966

REDHAT - RHSA-2009:0361

SECUNIA - 34473

SECUNIA - 34067

SUSE - SUSE-SR:2009:009

SUSE - SUSE-SA:2009:013

Related Patches

Novell SUSE 2009:6027 NetworkManager security update for SLE 10 SP2 i586

Novell SUSE 2009:6028 NetworkManager-gnome security update for SLE 10 SP2 i586


Last Updated: 27 May 2016 10:50:18