Vulnerability in Ubuntu Ubuntu_linux

CVE-2009-0365

nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an incorrect deny setting, which allows local users to discover (1) network connection passwords and (2) pre-shared keys via calls to the GetSecrets method in the dbus request…

EPSS: 0.008 (51.2th percentile) — read the EPSS interpretation.

Affected products

Ubuntu Ubuntu_linux — versions 6.06, 7.10, 8.04
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (x_refsource_UBUNTU, vendor-advisory, Vendor Advisory)
cve@mitre.org (x_refsource_UBUNTU, vendor-advisory, Vendor Advisory)
cve@mitre.org (vdb-entry, x_refsource_XF)
cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (Patch, vdb-entry, x_refsource_BID)
cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_CONFIRM)