Local Information Disclosure in NetworkManager by Red Hat
CVE-2009-4145

Currently unrated

Key Information:

Vendor: Gnome
Status: Networkmanager
Vendor: CVE Published:; 23 December 2009

Summary

NetworkManager contains a vulnerability in the nm-connection-editor component, where connection objects are exported over D-Bus. This issue allows local users to access D-Bus signals and potentially retrieve sensitive information such as WiFi passwords by monitoring these signals with tools like dbus-monitor. This raises concerns about data security as unauthorized users can exploit this flaw to obtain confidential connection information.

References

http://www.securityfocus.com/bid/37580

vdb-entryx_refsource_BID

http://www.openwall.com/lists/oss-security/2009/12/16/3

mailing-listx_refsource_MLIST

https://exchange.xforce.ibmcloud.com/vulnerabilities/54898

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Dec 23, 2009
Vulnerability Reserved
Dec 1, 2009