CVE-2009-0578

GNOME NetworkManager before 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors related to org.freedesktop.NetworkManagerUserSettings and at_console.

Published: Mar 5, 2009
Updated: Apr 13, 2023
CVE: CVE-2009-0578
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.2
AV:L/AC:L/Au:S/C:N/I:C/A:C

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
ubuntu / ubuntu_linux	8.10	8.10.x

http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html
http://secunia.com/advisories/34067
http://secunia.com/advisories/34473
http://www.redhat.com/support/errata/RHSA-2009-0361.html
http://www.securityfocus.com/bid/33966
http://www.securitytracker.com/id?1021909
http://www.ubuntu.com/usn/USN-727-1
https://bugzilla.redhat.com/show_bug.cgi?id=487752
https://exchange.xforce.ibmcloud.com/vulnerabilities/49063
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8931

Vulnerability Database

CVE-2009-0578