Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0813

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2012-0813
Last Modified 01 Aug 2012 12:00:00
Published 29 Jun 2012 03:55:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2012-0813

Summary

Wicd before 1.7.1 saves sensitive information in log files in /var/log/wicd, which allows context-dependent attackers to obtain passwords and other sensitive information.

Vulnerable Systems

Application

  • David Paleino Wicd 1.2.7

  • David Paleino Wicd 1.3.1

  • David Paleino Wicd 1.4.0

  • David Paleino Wicd 1.4.1

  • David Paleino Wicd 1.4.2

  • David Paleino Wicd 1.5.0

  • David Paleino Wicd 1.5.1

  • David Paleino Wicd 1.5.2

  • David Paleino Wicd 1.5.3

  • David Paleino Wicd 1.5.4

  • David Paleino Wicd 1.5.5

  • David Paleino Wicd 1.5.6

  • David Paleino Wicd 1.5.7

  • David Paleino Wicd 1.5.8

  • David Paleino Wicd 1.5.9

  • David Paleino Wicd 1.6.0

  • David Paleino Wicd 1.6.2

  • David Paleino Wicd 1.7.0

  • David Paleino Wicd 1.7.1

  • David Paleino Wicd 1.7.2


References

CONFIRM - https://launchpad.net/wicd/+announcement/9570

BID - 51703

MLIST - [oss-security] 20120126 Re: CVE request: wicd writes sensitive information in log files (password, passphrase...)

MLIST - [oss-security] 20120126 CVE request: wicd writes sensitive information in log files (password, passphrase...)

GENTOO - GLSA-201206-08

SECUNIA - 49657

MISC - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652417

MISC - http://bazaar.launchpad.net/~wicd-devel/wicd/experimental/revision/682


Last Updated: 27 May 2016 10:58:24