ID |
CVE-2011-3364
|
Summary |
Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when PolicyKit is configured to allow users to create new connections, allows local users to execute arbitrary commands via a newline character in the name for a new network connection, which is not properly handled when writing to the ifcfg file. Per: http://cwe.mitre.org/data/definitions/184.html
'CWE-184: Incomplete Blacklist'
|
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:gnome:ifcfg-rh_plug-in:*:*:*:*:*:*:*:*
cpe:2.3:a:gnome:ifcfg-rh_plug-in:*:*:*:*:*:*:*:*
-
cpe:2.3:a:gnome:networkmanager:0.8.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.8.1:*:*:*:*:*:*:*
-
cpe:2.3:a:gnome:networkmanager:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.0:*:*:*:*:*:*:*
-
cpe:2.3:a:gnome:networkmanager:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:networkmanager:0.9.1:*:*:*:*:*:*:*
|
CVSS |
Base: | 6.9 (as of 19-01-2012 - 03:59) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
MEDIUM |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:L/AC:M/Au:N/C:C/I:C/A:C
|
redhat
via4
|
advisories | bugzilla | id | 737338 | title | CVE-2011-3364 NetworkManager: Console user can escalate to root via newlines in ifcfg-rh connection name |
| oval | OR | comment | Red Hat Enterprise Linux must be installed | oval | oval:com.redhat.rhba:tst:20070304026 |
AND | comment | Red Hat Enterprise Linux 6 is installed | oval | oval:com.redhat.rhba:tst:20111656003 |
OR | AND | comment | NetworkManager is earlier than 1:0.8.1-9.el6_1.3 | oval | oval:com.redhat.rhsa:tst:20111338001 |
comment | NetworkManager is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20110930002 |
|
AND | comment | NetworkManager-devel is earlier than 1:0.8.1-9.el6_1.3 | oval | oval:com.redhat.rhsa:tst:20111338003 |
comment | NetworkManager-devel is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20110930004 |
|
AND | comment | NetworkManager-glib is earlier than 1:0.8.1-9.el6_1.3 | oval | oval:com.redhat.rhsa:tst:20111338005 |
comment | NetworkManager-glib is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20110930006 |
|
AND | comment | NetworkManager-glib-devel is earlier than 1:0.8.1-9.el6_1.3 | oval | oval:com.redhat.rhsa:tst:20111338007 |
comment | NetworkManager-glib-devel is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20110930008 |
|
AND | comment | NetworkManager-gnome is earlier than 1:0.8.1-9.el6_1.3 | oval | oval:com.redhat.rhsa:tst:20111338009 |
comment | NetworkManager-gnome is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20110930010 |
|
|
|
|
| rhsa | id | RHSA-2011:1338 | released | 2011-09-26 | severity | Moderate | title | RHSA-2011:1338: NetworkManager security update (Moderate) |
|
| rpms | - NetworkManager-1:0.8.1-9.el6_1.3
- NetworkManager-debuginfo-1:0.8.1-9.el6_1.3
- NetworkManager-devel-1:0.8.1-9.el6_1.3
- NetworkManager-glib-1:0.8.1-9.el6_1.3
- NetworkManager-glib-devel-1:0.8.1-9.el6_1.3
- NetworkManager-gnome-1:0.8.1-9.el6_1.3
|
|
refmap
via4
|
fedora | FEDORA-2011-13425 | mandriva | MDVSA-2011:171 | misc | |
|
Last major update |
19-01-2012 - 03:59 |
Published |
04-11-2011 - 21:55 |
Last modified |
19-01-2012 - 03:59 |