QwikSec

Security Database

CVE

CWE

Training

CVE-2011-1943

Published: Jun 14, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

The destroy_one_secret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0.8.999-3.git20110526 in Fedora 15 creates a log entry containing a certificate password, which allows local users to obtain sensitive information by reading a log file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugzilla.redhat.com/show_bug.cgi?id=708876

x_refsource_CONFIRM

networkmanager-secret-info-disclosure(68057)

vdb-entry

x_refsource_XF

[oss-security] 20110531 CVE request: NetworkManager-openvpn logs cert password

mailing-list

x_refsource_MLIST

FEDORA-2011-7919

vendor-advisory

x_refsource_FEDORA

http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=78ce088843d59d4494965bfc40b30a2e63d065f6

x_refsource_CONFIRM

[oss-security] 20110531 Re: CVE request: NetworkManager-openvpn logs cert password

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.