CVE-2009-4144 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4144): NetworkManager (NM) 0.7.2 does not ensure that the configured Certification Authority (CA) certificate file for a (1) WPA Enterprise or (2) 802.1x network remains present upon a connection attempt, which might allow remote attackers to obtain sensitive information or cause a denial of service (connectivity disruption) by spoofing the identity of a wireless network.
CVE-2009-4145 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4145): nm-connection-editor in NetworkManager (NM) 0.7.x exports connection objects over D-Bus upon actions in the connection editor GUI, which allows local users to obtain sensitive information by reading D-Bus signals, as demonstrated by using dbus-monitor to discover the password for the WiFi network.
The vulnerability was in gnome-extra/nm-applet, not net-misc/networkmanager. As far as I can tell, it was fixed upstream before the 0.8 release. The oldest version of nm-applet in portage is 0.8.4. So I think this bug can be closed.
See http://git.gnome.org/cgit/network-manager-applet/commit/?h=NETWORKMANAGER_APPLET_0_7&id=4020594dfbf566f1852f0acb36ad631a9e73a82b and http://git.gnome.org/cgit/network-manager-applet/commit/?h=NETWORKMANAGER_APPLET_0_7&id=8627880e07c8345f69ed639325280c7f62a8f894 for the upstream commits fixing this in the 0.7 branch.
Just to give specific version numbers: this was fixed upstream in nm-applet-0.7.3 (which we never had in portage). The first fixed version in portage was, I think, either nm-applet-0.7.999 or 0.8.
Thanks for looking into this, Alexandre. GLSA vote: no.
No. Closing noglsa.