Summary: | <net-misc/networkmanager-0.9.4.0-r6: Multiple vulnerabilities (CVE-2011-{2176,3364}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | daavelino |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | dagger, nirbheek, qiaomuf, steev |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2176 | ||
Whiteboard: | A4 [noglsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 430370 | ||
Bug Blocks: |
Description
daavelino
2011-09-06 13:28:10 UTC
CVE-2011-2176 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2176): GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vectors. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3364 Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when PolicyKit is configured to allow users to create new connections, allows local users to execute arbitrary commands via a newline character in the name for a new network connection, which is not properly handled when writing to the ifcfg file. (In reply to comment #1) > CVE-2011-2176 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2176): > GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin > element in PolicyKit, which allows local users to bypass intended wireless > network sharing restrictions via unspecified vectors. 0.8.4.0-r2 is still in portage and I don't see a mention of this CVE or bug report in the ebuild. This version is obsolete. (In reply to comment #2) > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3364 > > Incomplete blacklist vulnerability in the svEscape function in > settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME > NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when > PolicyKit is configured to allow users to create new connections, allows > local users to execute arbitrary commands via a newline character in the > name for a new network connection, which is not properly handled when > writing to the ifcfg file. Fixed in 0.8.6 and 0.9.2 (according to NetworkManager git). Only obsolete 0.8.4.0-r2 is affected. What is the proper procedure here? Can 0.8.4.0-r2 be simply removed and this bug report closed? (In reply to comment #3) > > Fixed in 0.8.6 and 0.9.2 (according to NetworkManager git). Only > obsolete 0.8.4.0-r2 is affected. > > What is the proper procedure here? Can 0.8.4.0-r2 be simply removed and this > bug > report closed? Thanks for the info, Pavel. Stabilization completed in bug 430370. Maintainers, please drop the affected version. GLSA vote: no. GLSA Vote: No too, closing noglsa. |