CVE-2011-2176
published 2011-09-02
CVE-2011-2176: GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to bypass intended wireless network…
Priority P46 · low · 2.1 · CVSS 2.0
AV:L/AC:L/Au:N/C:N/I:P/A:N
EPSS: 0.32% (24.2th percentile)
GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vectors.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | network-manager | < network-manager 0.9.0-1 (bookworm) | network-manager 0.9.0-1 (bookworm) |
| gnome | networkmanager | <= 0.8.4 | — |
| gnome | networkmanager | — | — |
| network-manager_project | network-manager | >= 0 < 0.9.0-1 | 0.9.0-1 |
CVSS provenance
nvd·v2.0·2.1·LOW·AV:L/AC:L/Au:N/C:N/I:P/A:N
osv·2.1·LOW
vendor_debian·2.1·LOW
vendor_redhat·2.1·LOW
Red Hat
NetworkManager: Did not honour PolicyKit auth_admin action element by creation of Ad-Hoc wireless networks
vendor_redhat·2011-06-08·CVSS 2.1
Debian
CVE-2011-2176: network-manager - GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin eleme...
vendor_debian·2011·CVSS 2.1
Scope: local
bookworm: resolved (fixed in 0.9.0-1)
bullseye: resolved (fixed in 0.9.0-1)
forky: resolved (fixed in 0.9.0-1)
sid: resolved (fixed in 0.9.0-1)
trixie: resolved (fixed in 0.9.0-1)
GHSA
GHSA-56gg-mvcc-wv2j: GNOME NetworkManager before 0
ghsa_unreviewed·2022-05-17
CVE-2011-2176 [LOW] CWE-287 GHSA-56gg-mvcc-wv2j: GNOME NetworkManager before 0
OSV
CVE-2011-2176: GNOME NetworkManager before 0
osv·2011-09-02·CVSS 2.1
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2011-2176 NetworkManager: Did not honour PolicyKit auth_admin action element by creation of Ad-Hoc wireless networks [fedora-all]
bugzilla·2011-06-23·CVSS 2.1
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=sec
Bugzilla
CVE-2011-2176 NetworkManager: Did not honour PolicyKit auth_admin action element by creation of Ad-Hoc wireless networks
bugzilla·2011-06-01·CVSS 2.1
It was found that NetworkManager, a network devices and connections manager,
did not properly enforce the PolicyKit 'auth_admin' action element settings
(did not require authentication by an administrative user), when the
'auth_admin' element was specified in
org.freedesktop.network-manager-settings.system.wifi.share.open (connection
sharing via an open WiFi network) action. A local attacker could use this flaw
to set up an unsecure (passwordless) Ad-Hoc wireless network.
Discussion:
Dan, jirka,
any update on where this is going?
---
Jirka, Dan:
It seems that other actions in /usr/share/polkit-1/actions/org.freedesktop.network-manager-settings.system.policy does no
References
http://cgit.freedesktop.org/NetworkManager/NetworkManager/plain/NEWS?h=NM_0_8
http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063665.html
http://secunia.com/advisories/44858
http://securitytracker.com/id?1025711
http://www.mandriva.com/security/advisories?name=MDVSA-2011:171
http://www.redhat.com/support/errata/RHSA-2011-0930.html
https://bugzilla.redhat.com/show_bug.cgi?id=709662
Published 2011-09-02