CVE-2009-0578

NameCVE-2009-0578
DescriptionGNOME NetworkManager before 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors related to org.freedesktop.NetworkManagerUserSettings and at_console.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitymedium
Debian Bugs519801

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
network-manager-applet (PTS)stretch1.4.4-1+deb9u1fixed
buster1.8.20-1.1fixed
bullseye, sid1.18.0-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
network-manager-appletsource(unstable)0.7.0.99-1medium519801
network-manager-appletsourcelenny(not affected)

Notes

[lenny] - network-manager-applet <not-affected> (Bug affected the 0.7.x series)

Search for package or bug name: Reporting problems