CVE |
CVE-2009-0365 Exploit Pack |
VENDOR: Linux |
|
Notes: This allows you to get secrets about wireless network connections from the NetworkManager (0.6.x and 0.7.x) for connections that other users have set up, |
|
for it to work correctly another user must be logged in with NetworkManager running in their context (e.g. have the nm-applet running in their task bar). The exploit simply |
|
uploads a path script to do the querying of the DBUS interfaces. The dbus python package is required to be present on the target for the script to run correctly, however |
|
this appears to be installed by default on most modern linux distributions. If it is not you could always upload and install it yourself :) |
|
Repeatability: Infinite |
|
References: http://www.securityfocus.com/bid/33966 |
|
CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0365 |
|
CERT Advisory: None |
|
Date public: 03/03/2009 |
|
CVSS: 4.6 |
|