CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
5.1%
Incomplete blacklist vulnerability in the svEscape function in
settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME
NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when
PolicyKit is configured to allow users to create new connections, allows
local users to execute arbitrary commands via a newline character in the
name for a new network connection, which is not properly handled when
writing to the ifcfg file.
Author | Note |
---|---|
mdeslaur | This is for the redhat-specific plugin, but we need to check if the debian plugin has the same flaw, as it may be based on the same code We don’t look vulnerable to this, and embedded newline chars seem to be handled correctly. |