CVE-2009-0365

Published: Mar 5, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an incorrect deny setting, which allows local users to discover (1) network connection passwords and (2) pre-shared keys via calls to the GetSecrets method in the dbus request handler.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

1021910

vdb-entry

x_refsource_SECTRACK

USN-727-1

vendor-advisory

x_refsource_UBUNTU

USN-727-2

vendor-advisory

x_refsource_UBUNTU

networkmanager-dbus-info-disclosure(49062)

vdb-entry

x_refsource_XF

1021908

vdb-entry

x_refsource_SECTRACK

http://svn.gnome.org/viewvc/network-manager-applet?view=revision&revision=1207

x_refsource_CONFIRM

33966

vdb-entry

x_refsource_BID

1021911

vdb-entry

x_refsource_SECTRACK

https://bugzilla.redhat.com/show_bug.cgi?id=487722

x_refsource_CONFIRM

http://svn.gnome.org/viewvc/network-manager-applet/trunk/nm-applet.conf?r1=1133&r2=1207&pathrev=1207

x_refsource_CONFIRM

oval:org.mitre.oval:def:10828

vdb-entry

signature

x_refsource_OVAL

34067

third-party-advisory

x_refsource_SECUNIA

RHSA-2009:0362

vendor-advisory

x_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=487752

x_refsource_CONFIRM

DSA-1955

vendor-advisory

x_refsource_DEBIAN

SUSE-SR:2009:009

vendor-advisory

x_refsource_SUSE

SUSE-SA:2009:013

vendor-advisory

x_refsource_SUSE

RHSA-2009:0361

vendor-advisory

x_refsource_REDHAT

34177

third-party-advisory

x_refsource_SECUNIA

34473

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2009-0365

Description

Affected Products

References