CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:S/C:N/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
10.1%
It was discovered that network-manager-applet did not properly enforce
permissions when responding to dbus requests. A local user could perform dbus
queries to view other usersβ network connection passwords and pre-shared keys.
(CVE-2009-0365)
It was discovered that network-manager-applet did not properly enforce
permissions when responding to dbus modify and delete requests. A local user
could use dbus to modify or delete other usersβ network connections. This issue
only applied to Ubuntu 8.10. (CVE-2009-0578)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 8.10 | noarch | network-manager-gnome | <Β 0.7~~svn20081020t000444-0ubuntu1.8.10.2 | UNKNOWN |
Ubuntu | 8.04 | noarch | network-manager-gnome | <Β 0.6.6-0ubuntu3.1 | UNKNOWN |
Ubuntu | 7.10 | noarch | network-manager-gnome | <Β 0.6.5-0ubuntu11~7.10.1 | UNKNOWN |