| ID |
CVE-2011-3364
|
| Summary |
Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when PolicyKit is configured to allow users to create new connections, allows local users to execute arbitrary commands via a newline character in the name for a new network connection, which is not properly handled when writing to the ifcfg file. Per: http://cwe.mitre.org/data/definitions/184.html
'CWE-184: Incomplete Blacklist'
|
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:gnome:ifcfg-rh_plug-in:*:*:*:*:*:*:*:*
cpe:2.3:a:gnome:ifcfg-rh_plug-in:*:*:*:*:*:*:*:*
-
cpe:2.3:a:gnome:networkmanager:0.8.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.1:*:*:*:*:*:*:*
-
cpe:2.3:a:gnome:networkmanager:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.0:*:*:*:*:*:*:*
-
cpe:2.3:a:gnome:networkmanager:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.1:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 6.9 (as of 19-01-2012 - 03:59) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| LOCAL |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| cvss-vector
via4
|
AV:L/AC:M/Au:N/C:C/I:C/A:C
|
| redhat
via4
|
| advisories | | bugzilla | | id | 737338 | | title | CVE-2011-3364 NetworkManager: Console user can escalate to root via newlines in ifcfg-rh connection name |
| | oval | | OR | | comment | Red Hat Enterprise Linux must be installed | | oval | oval:com.redhat.rhba:tst:20070304026 |
| AND | | comment | Red Hat Enterprise Linux 6 is installed | | oval | oval:com.redhat.rhba:tst:20111656003 |
| OR | | AND | | comment | NetworkManager is earlier than 1:0.8.1-9.el6_1.3 | | oval | oval:com.redhat.rhsa:tst:20111338001 |
| comment | NetworkManager is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20110930002 |
|
| AND | | comment | NetworkManager-devel is earlier than 1:0.8.1-9.el6_1.3 | | oval | oval:com.redhat.rhsa:tst:20111338003 |
| comment | NetworkManager-devel is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20110930004 |
|
| AND | | comment | NetworkManager-glib is earlier than 1:0.8.1-9.el6_1.3 | | oval | oval:com.redhat.rhsa:tst:20111338005 |
| comment | NetworkManager-glib is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20110930006 |
|
| AND | | comment | NetworkManager-glib-devel is earlier than 1:0.8.1-9.el6_1.3 | | oval | oval:com.redhat.rhsa:tst:20111338007 |
| comment | NetworkManager-glib-devel is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20110930008 |
|
| AND | | comment | NetworkManager-gnome is earlier than 1:0.8.1-9.el6_1.3 | | oval | oval:com.redhat.rhsa:tst:20111338009 |
| comment | NetworkManager-gnome is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20110930010 |
|
|
|
|
| | rhsa | | id | RHSA-2011:1338 | | released | 2011-09-26 | | severity | Moderate | | title | RHSA-2011:1338: NetworkManager security update (Moderate) |
|
| | rpms | - NetworkManager-1:0.8.1-9.el6_1.3
- NetworkManager-debuginfo-1:0.8.1-9.el6_1.3
- NetworkManager-devel-1:0.8.1-9.el6_1.3
- NetworkManager-glib-1:0.8.1-9.el6_1.3
- NetworkManager-glib-devel-1:0.8.1-9.el6_1.3
- NetworkManager-gnome-1:0.8.1-9.el6_1.3
|
|
| refmap
via4
|
| fedora | FEDORA-2011-13425 | | mandriva | MDVSA-2011:171 | | misc | |
|
| Last major update |
19-01-2012 - 03:59 |
| Published |
04-11-2011 - 21:55 |
| Last modified |
19-01-2012 - 03:59 |
