CVE-2009-4145: Infoleak
First published: Thu Dec 10 2009(Updated: )
+++ This bug was initially created as a clone of <a class="bz_bug_link bz_secure " title="" href="show_bug.cgi?id=546115">Bug #546115</a> +++ nm-connection-editor may inadvertently publish network configuration settings over D-Bus when a user changes those settings using the connection editor. D-Bus gives all clients a bus name (usually 1:XXX where XXX is an ever-increasing number) whenever the client connects to the bus. Even though this client is not exporting a /named/ service, it is still on the bus and if the client exports an object (even inadvertently, without registering a well-known bus name) signals emitted by that object will also be proxied onto the bus. nm-connection-editor inadvertently exported connection objects on the bus, and when a user changes those connections though the connection editor GUI, the editor may emit a summary of those changes onto the bus, leading to the information disclosure. 1) start 'dbus-monitor --system' in a terminal 2) run nm-connection-editor 3) edit a connection that has secrets, like a protected wifi network 4) Upon clicking the "Apply" button, check the dbus-monitor terminal window; the wifi network password may have been emitted as part of the "Updated" signal for that connection This is only a problem for NM 0.7.x present in Fedora <= 11 and RHEL5. The problem has been long corrected in NM 0.8 (F12+). Upstream commit to 0.7.x fixing this problem is here: <a href="http://git.gnome.org/cgit/network-manager-applet/commit/?h=NETWORKMANAGER_APPLET_0_7&id=8627880e07c8345f69ed639325280c7f62a8f894">http://git.gnome.org/cgit/network-manager-applet/commit/?h=NETWORKMANAGER_APPLET_0_7&id=8627880e07c8345f69ed639325280c7f62a8f894</a>
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| GNOME NetworkManager | =0.7.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://secunia.com/advisories/37819
- http://git.gnome.org/browse/network-manager-applet/commit/?h=NETWORKMANAGER_APPLET_0_7&id=8627880e07c8345f69ed639325280c7f62a8f894
- https://bugzilla.redhat.com/show_bug.cgi?id=546117
- http://git.gnome.org/browse/network-manager-applet/commit/?h=NETWORKMANAGER_APPLET_0_7&id=56d87fcb86acb5359558e0a2ee702cfc0c3391f2
- http://www.openwall.com/lists/oss-security/2009/12/16/3
- http://www.redhat.com/support/errata/RHSA-2010-0108.html
- http://secunia.com/advisories/38420
- http://www.securityfocus.com/bid/37580
- http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00000.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/54898
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10539
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=546115
- http://git.gnome.org/cgit/network-manager-applet/commit/?h=NETWORKMANAGER_APPLET_0_7&id=8627880e07c8345f69ed639325280c7f62a8f894
- http://git.gnome.org/cgit/network-manager-applet/commit/?h=NETWORKMANAGER_APPLET_0_7&id=56d87fcb86acb5359558e0a2ee702cfc0c3391f2
- http://admin.fedoraproject.org/updates/NetworkManager-0.7.2-2.git20091223.fc11
- https://rhn.redhat.com/errata/RHSA-2010-0108.html
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/references
- agent/weakness
- agent/last-modified-date
- agent/remedy
- agent/tags
- agent/event
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2009-4145
- vendor/gnome
- canonical/gnome networkmanager
- version/gnome networkmanager/0.7.2