UbuntuUSN-883-1network-manager-applet vulnerabilities
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6 Medium
AI Score
Confidence
Low
0.014 Low
EPSS
Percentile
86.5%
Releases
- Ubuntu 9.04
- Ubuntu 8.10
Packages
- network-manager-applet -
Details
It was discovered that NetworkManager did not ensure that the Certification
Authority (CA) certificate file remained present when using WPA Enterprise
or 802.1x networks. A remote attacker could use this flaw to spoof the
identity of a wireless network and view sensitive information.
(CVE-2009-4144)
It was discovered that the connection editor GUI would incorrectly export
objects over D-Bus. A local user could read D-Bus signals to view other
users’ network connection passwords and pre-shared keys. (CVE-2009-4145)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 9.04 | noarch | network-manager-gnome | < 0.7.1~rc4.1-0ubuntu2.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | network-manager-gnome | < 0.7~~svn20081020t000444-0ubuntu1.8.10.3 | UNKNOWN |
Related
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6 Medium
AI Score
Confidence
Low
0.014 Low
EPSS
Percentile
86.5%