Vulnerability Details CVE-2009-0578
GNOME NetworkManager before 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors related to org.freedesktop.NetworkManagerUserSettings and at_console.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.9%
CVSS Severity
CVSS v2 Score 6.2
References
- http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html
- http://secunia.com/advisories/34067
- http://secunia.com/advisories/34473
- http://www.redhat.com/support/errata/RHSA-2009-0361.html
- http://www.securityfocus.com/bid/33966
- http://www.securitytracker.com/id?1021909
- http://www.ubuntu.com/usn/USN-727-1
- https://bugzilla.redhat.com/show_bug.cgi?id=487752
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49063
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8931
- http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html
- http://secunia.com/advisories/34067
- http://secunia.com/advisories/34473
- http://www.redhat.com/support/errata/RHSA-2009-0361.html
- http://www.securityfocus.com/bid/33966
- http://www.securitytracker.com/id?1021909
- http://www.ubuntu.com/usn/USN-727-1
- https://bugzilla.redhat.com/show_bug.cgi?id=487752
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49063
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8931
Products affected by CVE-2009-0578
-
cpe:2.3:o:ubuntu:ubuntu_linux:8.10