CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
5.1%
GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
gnome | networkmanager | * | cpe:2.3:a:gnome:networkmanager:*:*:*:*:*:*:*:* |
gnome | networkmanager | 0.2.0 | cpe:2.3:a:gnome:networkmanager:0.2.0:*:*:*:*:*:*:* |
gnome | networkmanager | 0.3.0 | cpe:2.3:a:gnome:networkmanager:0.3.0:*:*:*:*:*:*:* |
gnome | networkmanager | 0.3.1 | cpe:2.3:a:gnome:networkmanager:0.3.1:*:*:*:*:*:*:* |
gnome | networkmanager | 0.4.1 | cpe:2.3:a:gnome:networkmanager:0.4.1:*:*:*:*:*:*:* |
gnome | networkmanager | 0.5.0 | cpe:2.3:a:gnome:networkmanager:0.5.0:*:*:*:*:*:*:* |
gnome | networkmanager | 0.5.1 | cpe:2.3:a:gnome:networkmanager:0.5.1:*:*:*:*:*:*:* |
gnome | networkmanager | 0.6.0 | cpe:2.3:a:gnome:networkmanager:0.6.0:*:*:*:*:*:*:* |
gnome | networkmanager | 0.6.1 | cpe:2.3:a:gnome:networkmanager:0.6.1:*:*:*:*:*:*:* |
gnome | networkmanager | 0.6.2 | cpe:2.3:a:gnome:networkmanager:0.6.2:*:*:*:*:*:*:* |
cgit.freedesktop.org/NetworkManager/NetworkManager/plain/NEWS?h=NM_0_8
lists.fedoraproject.org/pipermail/package-announce/2011-August/063665.html
secunia.com/advisories/44858
securitytracker.com/id?1025711
www.mandriva.com/security/advisories?name=MDVSA-2011:171
www.redhat.com/support/errata/RHSA-2011-0930.html
bugzilla.redhat.com/show_bug.cgi?id=709662