CVE-2009-0578 — Linux vulnerability

CWE-2648 documents8 sources

Severity

6.2MEDIUMNVD

EPSS

0.0%

top 85.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Ubuntu Linux

Timeline

PublishedMar 5

Latest updateMay 2

Description

GNOME NetworkManager before 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors related to org.freedesktop.NetworkManagerUserSettings and at_console.

CVSS vector

AV:L/AC:L/C:N/I:C/A:CExploitability: 3.1 | Impact: 9.2

Affected Packages0 packages

Also affects: Ubuntu Linux 8.10

🔴Vulnerability Details

GHSA

GHSA-qphg-f927-gw8f: GNOME NetworkManager before 0↗2022-05-02

▶

OSV

CVE-2009-0578: GNOME NetworkManager before 0↗2009-03-05

▶

CVEList

CVE-2009-0578: GNOME NetworkManager before 0↗2009-03-05

▶

📋Vendor Advisories

Ubuntu

network-manager-applet vulnerabilities↗2009-03-03

▶

Red Hat

NetworkManager: local users can modify the connection settings↗2009-03-03

▶

Debian

CVE-2009-0578: network-manager-applet - GNOME NetworkManager before 0.7.0.99 does not properly verify privileges for dbu...↗2009

▶

💬Community

Bugzilla

CVE-2009-0578 NetworkManager: local users can modify the connection settings↗2009-02-27

▶