Executive Summary
| Summary | |
|---|---|
| Title | network-manager-applet vulnerabilities |
| Informations | |||
|---|---|---|---|
| Name | USN-883-1 | First vendor Publication | 2010-01-13 |
| Vendor | Ubuntu | Last vendor Modification | 2010-01-13 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 6.8 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| A security issue affects the following Ubuntu releases: Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.10: Ubuntu 9.04: After a standard system upgrade you need to restart your session to effect the necessary changes. Details follow: It was discovered that NetworkManager did not ensure that the Certification Authority (CA) certificate file remained present when using WPA Enterprise or 802.1x networks. A remote attacker could use this flaw to spoof the identity of a wireless network and view sensitive information. (CVE-2009-4144) It was discovered that the connection editor GUI would incorrectly export objects over D-Bus. A local user could read D-Bus signals to view other users' network connection passwords and pre-shared keys. (CVE-2009-4145) |
Original Source
| Url : http://www.ubuntu.com/usn/USN-883-1 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 50 % | CWE-310 | Cryptographic Issues |
| 50 % | CWE-200 | Information Exposure |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:10539 | |||
| Oval ID: | oval:org.mitre.oval:def:10539 | ||
| Title: | nm-connection-editor in NetworkManager (NM) 0.7.x exports connection objects over D-Bus upon actions in the connection editor GUI, which allows local users to obtain sensitive information by reading D-Bus signals, as demonstrated by using dbus-monitor to discover the password for the WiFi network. | ||
| Description: | nm-connection-editor in NetworkManager (NM) 0.7.x exports connection objects over D-Bus upon actions in the connection editor GUI, which allows local users to obtain sensitive information by reading D-Bus signals, as demonstrated by using dbus-monitor to discover the password for the WiFi network. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-4145 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:11315 | |||
| Oval ID: | oval:org.mitre.oval:def:11315 | ||
| Title: | NetworkManager (NM) 0.7.2 does not ensure that the configured Certification Authority (CA) certificate file for a (1) WPA Enterprise or (2) 802.1x network remains present upon a connection attempt, which might allow remote attackers to obtain sensitive information or cause a denial of service (connectivity disruption) by spoofing the identity of a wireless network. | ||
| Description: | NetworkManager (NM) 0.7.2 does not ensure that the configured Certification Authority (CA) certificate file for a (1) WPA Enterprise or (2) 802.1x network remains present upon a connection attempt, which might allow remote attackers to obtain sensitive information or cause a denial of service (connectivity disruption) by spoofing the identity of a wireless network. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-4144 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:13076 | |||
| Oval ID: | oval:org.mitre.oval:def:13076 | ||
| Title: | USN-883-1 -- network-manager-applet vulnerabilities | ||
| Description: | It was discovered that NetworkManager did not ensure that the Certification Authority certificate file remained present when using WPA Enterprise or 802.1x networks. A remote attacker could use this flaw to spoof the identity of a wireless network and view sensitive information. It was discovered that the connection editor GUI would incorrectly export objects over D-Bus. A local user could read D-Bus signals to view other users" network connection passwords and pre-shared keys | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-883-1 CVE-2009-4144 CVE-2009-4145 | Version: | 5 |
| Platform(s): | Ubuntu 8.10 Ubuntu 9.04 | Product(s): | network-manager-applet |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22081 | |||
| Oval ID: | oval:org.mitre.oval:def:22081 | ||
| Title: | RHSA-2010:0108: NetworkManager security update (Moderate) | ||
| Description: | nm-connection-editor in NetworkManager (NM) 0.7.x exports connection objects over D-Bus upon actions in the connection editor GUI, which allows local users to obtain sensitive information by reading D-Bus signals, as demonstrated by using dbus-monitor to discover the password for the WiFi network. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2010:0108-01 CESA-2010:0108 CVE-2009-4144 CVE-2009-4145 | Version: | 29 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | NetworkManager |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22956 | |||
| Oval ID: | oval:org.mitre.oval:def:22956 | ||
| Title: | ELSA-2010:0108: NetworkManager security update (Moderate) | ||
| Description: | nm-connection-editor in NetworkManager (NM) 0.7.x exports connection objects over D-Bus upon actions in the connection editor GUI, which allows local users to obtain sensitive information by reading D-Bus signals, as demonstrated by using dbus-monitor to discover the password for the WiFi network. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010:0108-01 CVE-2009-4144 CVE-2009-4145 | Version: | 13 |
| Platform(s): | Oracle Linux 5 | Product(s): | NetworkManager |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:28190 | |||
| Oval ID: | oval:org.mitre.oval:def:28190 | ||
| Title: | DEPRECATED: ELSA-2010-0108 -- NetworkManager security update (moderate) | ||
| Description: | [1:0.7.0-9.el5_4] - Ensure a connection is not used after its CA certificate has been deleted - Resolves: CVE-2009-4144 - Fix possible information disclosure by nm-connection-editor - Resolves: CVE-2009-4145 | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010-0108 CVE-2009-4144 CVE-2009-4145 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | NetworkManager |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2011-08-09 | Name : CentOS Update for NetworkManager CESA-2010:0108 centos5 i386 File : nvt/gb_CESA-2010_0108_NetworkManager_centos5_i386.nasl |
| 2010-02-19 | Name : RedHat Update for NetworkManager RHSA-2010:0108-01 File : nvt/gb_RHSA-2010_0108-01_NetworkManager.nasl |
| 2010-01-19 | Name : Ubuntu Update for network-manager-applet vulnerabilities USN-883-1 File : nvt/gb_ubuntu_USN_883_1.nasl |
| 2010-01-15 | Name : Fedora Update for NetworkManager FEDORA-2009-13642 File : nvt/gb_fedora_2009_13642_NetworkManager_fc11.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 61198 | NetworkManager (NM) nm-connection-editor D-Bus Local Information Disclosure |
| 61197 | network-manager-applet Certificate File Validation Failure Wireless Network C... |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0108.nasl - Type : ACT_GATHER_INFO |
| 2013-03-09 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-883-1.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100216_NetworkManager_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2010-02-25 | Name : The remote Fedora host is missing a security update. File : fedora_2009-13642.nasl - Type : ACT_GATHER_INFO |
| 2010-02-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0108.nasl - Type : ACT_GATHER_INFO |
| 2010-02-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0108.nasl - Type : ACT_GATHER_INFO |
| 2010-02-02 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_NetworkManager-gnome-100126.nasl - Type : ACT_GATHER_INFO |
| 2010-02-02 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_NetworkManager-gnome-100126.nasl - Type : ACT_GATHER_INFO |
| 2010-02-02 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_NetworkManager-gnome-100126.nasl - Type : ACT_GATHER_INFO |
| 2010-02-02 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_NetworkManager-gnome-100128.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 12:06:30 |
|
