CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:S/C:N/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
5.1%
GNOME NetworkManager before 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors related to org.freedesktop.NetworkManagerUserSettings and at_console.
Vendor | Product | Version | CPE |
---|---|---|---|
ubuntu | ubuntu_linux | 8.10 | cpe:2.3:o:ubuntu:ubuntu_linux:8.10:*:*:*:*:*:*:* |
lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html
lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html
secunia.com/advisories/34067
secunia.com/advisories/34473
www.redhat.com/support/errata/RHSA-2009-0361.html
www.securityfocus.com/bid/33966
www.securitytracker.com/id?1021909
www.ubuntu.com/usn/USN-727-1
bugzilla.redhat.com/show_bug.cgi?id=487752
exchange.xforce.ibmcloud.com/vulnerabilities/49063
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8931