Ubuntu Update For Network-manager-applet Vulnerabilities USN-883-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-883-1

Solution

Please Install the Updated Packages.

Insight

It was discovered that NetworkManager did not ensure that the Certification Authority (CA) certificate file remained present when using WPA Enterprise or 802.1x networks. A remote attacker could use this flaw to spoof the identity of a wireless network and view sensitive information. (CVE-2009-4144) It was discovered that the connection editor GUI would incorrectly export objects over D-Bus. A local user could read D-Bus signals to view other users' network connection passwords and pre-shared keys. (CVE-2009-4145)

Affected

network-manager-applet vulnerabilities on Ubuntu 8.10 , Ubuntu 9.04

Severity

Classification

CVE CVE-2009-4144, CVE-2009-4145

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for apache2 USN-1368-1
Ubuntu Update for bzip2 USN-1308-1
Ubuntu Update for acpid USN-1296-1
Ubuntu Update for clamav USN-1816-1
Ubuntu Update for apache2 USN-2152-1

Ubuntu Update for network-manager-applet vulnerabilities USN-883-1

Take action and discover your vulnerabilities