CVE-2012-1096
published 2020-03-10CVE-2012-1096: NetworkManager 0.9 and earlier allows local users to use other users' certificates or private keys when making a connection via the file path when adding a new…
PriorityP425medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
EXPLOIT
EPSS
0.71%
48.9th percentile
NetworkManager 0.9 and earlier allows local users to use other users' certificates or private keys when making a connection via the file path when adding a new connection.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| gnome | networkmanager | <= 0.9.0 | — |
| gnome | networkmanager | — | — |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv2.04.9MEDIUMAV:L/AC:L/Au:N/C:C/I:N/A:N
osv5.5MEDIUM
vendor_redhat5.5MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-xpp6-cqwc-x7wh: NetworkManager 0
ghsa_unreviewed·2022-04-23
CVE-2012-1096 [MEDIUM] GHSA-xpp6-cqwc-x7wh: NetworkManager 0
NetworkManager 0.9 and earlier allows local users to use other users' certificates or private keys when making a connection via the file path when adding a new connection.
OSV
CVE-2012-1096: NetworkManager 0
osv·2020-03-10·CVSS 5.5
CVE-2012-1096 [MEDIUM] CVE-2012-1096: NetworkManager 0
NetworkManager 0.9 and earlier allows local users to use other users' certificates or private keys when making a connection via the file path when adding a new connection.
Red Hat
wpa_supplicant: Improper x509v3 certificate and key file paths sanitization
vendor_redhat·2012-02-29·CVSS 5.5
CVE-2012-1096 [MEDIUM] wpa_supplicant: Improper x509v3 certificate and key file paths sanitization
wpa_supplicant: Improper x509v3 certificate and key file paths sanitization
NetworkManager 0.9 and earlier allows local users to use other users' certificates or private keys when making a connection via the file path when adding a new connection.
Package: NetworkManager (Red Hat Enterprise Linux 4) - Will not fix
Package: wpa_supplicant (Red Hat Enterprise Linux 4) - Will not fix
Package: NetworkManager (Red Hat Enterprise Linux 5) - Will not fix
Package: wpa_supplicant (Red Hat Enterprise Linux 5) - Will not fix
Package: NetworkManager (Red Hat Enterprise Linux 6) - Will not fix
Package: wpa_supplicant (Red Hat Enterprise Linux 6) - Will not fix
No detection rules found.
Bugzilla
CVE-2012-1096 NetworkManager 0.9 arbitrary file access [fedora-all]
bugzilla·2012-03-02·CVSS 5.5
CVE-2012-1096 [MEDIUM] CVE-2012-1096 NetworkManager 0.9 arbitrary file access [fedora-all]
CVE-2012-1096 NetworkManager 0.9 arbitrary file access [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=79
Bugzilla
CVE-2012-1096 NetworkManager, wpa_supplicant: Improper x509v3 certificate and key file paths sanitization
bugzilla·2011-12-22·CVSS 5.5
CVE-2012-1096 [MEDIUM] CVE-2012-1096 NetworkManager, wpa_supplicant: Improper x509v3 certificate and key file paths sanitization
CVE-2012-1096 NetworkManager, wpa_supplicant: Improper x509v3 certificate and key file paths sanitization
A security flaw was found in the way NetworkManager, a network connections manager, and wpa_supplicant, a WPA/WPA2/IEEE 802.1X supplicant, performed system file paths sanitization for x509v3 certificate and private key files, used for connection to trusted networks. A local attacker, with the privilege to add new network connection, could use this flaw to read arbitrary system files.
Discussion:
Acknowledgements:
Red Hat would like to thank Ludwig Nussel of the SUSE security team for reporting this issue.
---
Public via:
[1] http://www.openwall.com/lists/oss-security/2012/02/29/2
---
Created NetworkManager tracking bugs for this issue
Affects: fedora-all [bug 799202]
---
***
http://www.openwall.com/lists/oss-security/2012/03/02/3https://access.redhat.com/security/cve/cve-2012-1096https://bugzilla.gnome.org/show_bug.cgi?id=793329https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1096https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-1096https://security-tracker.debian.org/tracker/CVE-2012-1096http://www.openwall.com/lists/oss-security/2012/03/02/3https://access.redhat.com/security/cve/cve-2012-1096https://bugzilla.gnome.org/show_bug.cgi?id=793329https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1096https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-1096https://security-tracker.debian.org/tracker/CVE-2012-1096
2020-03-10
Published