NetworkManager security update

ID CESA-2009:0362
Type centos
Reporter CentOS Project
Modified 2009-05-22T23:01:52


CentOS Errata and Security Advisory CESA-2009:0362

NetworkManager is a network link manager that attempts to keep a wired or wireless network connection active at all times.

An information disclosure flaw was found in NetworkManager's D-Bus interface. A local attacker could leverage this flaw to discover sensitive information, such as network connection passwords and pre-shared keys. (CVE-2009-0365)

Red Hat would like to thank Ludwig Nussel for responsibly reporting this flaw.

NetworkManager users should upgrade to these updated packages, which contain a backported patch that corrects this issue.

Merged security bulletin from advisories:

Affected packages: NetworkManager NetworkManager-gnome

Upstream details at: