CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
86.5%
It was discovered that NetworkManager did not ensure that the Certification
Authority (CA) certificate file remained present when using WPA Enterprise
or 802.1x networks. A remote attacker could use this flaw to spoof the
identity of a wireless network and view sensitive information.
(CVE-2009-4144)
It was discovered that the connection editor GUI would incorrectly export
objects over D-Bus. A local user could read D-Bus signals to view other
users’ network connection passwords and pre-shared keys. (CVE-2009-4145)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 9.04 | noarch | network-manager-gnome | < 0.7.1~rc4.1-0ubuntu2.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | network-manager-gnome | < 0.7~~svn20081020t000444-0ubuntu1.8.10.3 | UNKNOWN |