4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:S/C:C/I:N/A:N
0.0004 Low
EPSS
Percentile
8.6%
Name | NetworkManagerUnSecret |
---|---|
CVE | CVE-2009-0365 Exploit Pack |
VENDOR: Linux | |
Notes: This allows you to get secrets about wireless network connections from the NetworkManager (0.6.x and 0.7.x) for connections that other users have set up, | |
for it to work correctly another user must be logged in with NetworkManager running in their context (e.g. have the nm-applet running in their task bar). The exploit simply | |
uploads a path script to do the querying of the DBUS interfaces. The dbus python package is required to be present on the target for the script to run correctly, however | |
this appears to be installed by default on most modern linux distributions. If it is not you could always upload and install it yourself :) | |
Repeatability: Infinite | |
References: http://www.securityfocus.com/bid/33966 | |
CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0365 | |
CERT Advisory: None | |
Date public: 03/03/2009 | |
CVSS: 4.6 |