Rapid7 Vulnerability & Exploit Database

RHSA-2009:0361: NetworkManager security update

Back to Search

RHSA-2009:0361: NetworkManager security update

Severity
6
CVSS
(AV:L/AC:L/Au:S/C:N/I:C/A:C)
Published
03/04/2009
Created
07/25/2018
Added
09/12/2009
Modified
07/04/2017

Description

NetworkManager is a network link manager that attempts to keep a wired orwireless network connection active at all times.An information disclosure flaw was found in NetworkManager's D-Businterface. A local attacker could leverage this flaw to discover sensitiveinformation, such as network connection passwords and pre-shared keys.(CVE-2009-0365)A potential denial of service flaw was found in NetworkManager's D-Businterface. A local user could leverage this flaw to modify local connectionsettings, preventing the system's network connection from functioningproperly. (CVE-2009-0578)Red Hat would like to thank Ludwig Nussel for reporting these flawsresponsibly.Users of NetworkManager should upgrade to these updated packages whichcontain backported patches to correct these issues.

Solution(s)

  • redhat-upgrade-networkmanager
  • redhat-upgrade-networkmanager-devel
  • redhat-upgrade-networkmanager-glib
  • redhat-upgrade-networkmanager-glib-devel
  • redhat-upgrade-networkmanager-gnome

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;