Lucene search
RootSSV:5040HistoryApr 13, 2009 - 12:00 a.m.
Wicd wicd.conf默认配置本地信息泄露漏洞
2009-04-1300:00:00
Root
www.seebug.org
17
0.0004 Low
EPSS
Percentile
5.7%
BUGTRAQ ID: 33658
CVE(CAN) ID: CVE-2009-0489
Wicd是Linux平台下的开源有线和无线网络管理器。
Wicd的dbus配置文件默认允许任何用户拥有org.wicd.daemon对象,这可能允许用户接收本应发送给wicd守护程序的消息,消息中包含网络凭据等敏感信息。
Wicd <= 1.5.8
厂商补丁:
Gentoo
Gentoo已经为此发布了一个安全公告(GLSA-200904-12)以及相应补丁:
GLSA-200904-12:Wicd: Information disclosure
链接:<a href=“http://security.gentoo.org/glsa/glsa-200904-12.xml” target=“_blank”>http://security.gentoo.org/glsa/glsa-200904-12.xml</a>
所有Wicd用户都应升级到最新版本:
emerge --sync
emerge --ask --oneshot --verbose ">=net-misc/wicd-1.5.9"
Wicd
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
<a href=“http://downloads.sourceforge.net/wicd/wicd-1.5.9.tar.gz?modtime=1233963450&big_mirror=0” target=“_blank”>http://downloads.sourceforge.net/wicd/wicd-1.5.9.tar.gz?modtime=1233963450&big_mirror=0</a>
Related
slackware
slackware
wicd
2009-02-09 16:06:50
prion
prion
Default configuration
2009-02-09 20:30:00
openvas
openvas
Slackware Advisory SSA:2009-040-01 wicd
2012-09-11 00:00:00
Slackware: Security Advisory (SSA:2009-040-01)
2012-09-10 00:00:00
Gentoo Security Advisory GLSA 200904-12 (wicd)
2009-04-15 00:00:00
nessus
nessus
Slackware 12.2 / current : wicd (SSA:2009-040-01)
2009-02-12 00:00:00
GLSA-200904-12 : Wicd: Information disclosure
2009-04-11 00:00:00
securityvulns
securityvulns
[Full-disclosure] [ GLSA 200904-12 ] Wicd: Information disclosure
2009-04-12 00:00:00
Wicd information leak
2009-04-12 00:00:00
gentoo
gentoo
Wicd: Information disclosure
2009-04-10 00:00:00
cve
cve
CVE-2009-0489
2009-02-09 20:30:00
ubuntucve
ubuntucve
CVE-2009-0489
2009-02-09 00:00:00
debiancve
debiancve
CVE-2009-0489
2009-02-09 20:30:00