CVE-2009-0365

Publication date 5 March 2009

Last updated 24 July 2024

Ubuntu priority

nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an incorrect deny setting, which allows local users to discover (1) network connection passwords and (2) pre-shared keys via calls to the GetSecrets method in the dbus request handler.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
network-manager	8.10 intrepid	Fixed 0.7~~svn20081018t105859-0ubuntu1.8.10.2
	8.04 LTS hardy	Not affected
	7.10 gutsy	Not affected
	6.06 LTS dapper	Fixed 0.6.2-0ubuntu7.1
network-manager-applet	8.10 intrepid	Fixed 0.7~~svn20081020t000444-0ubuntu1.8.10.2
	8.04 LTS hardy	Fixed 0.6.6-0ubuntu3.1
	7.10 gutsy	Fixed 0.6.5-0ubuntu11~7.10.1
	6.06 LTS dapper	Not in release

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-727-2
NetworkManager vulnerability
3 March 2009

USN-727-1
network-manager-applet vulnerabilities
3 March 2009

Other references

https://www.cve.org/CVERecord?id=CVE-2009-0365