CVE-2009-0578

{"id": "CVE-2009-0578", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:S/C:N/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 9.2, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-03-05T02:30:00.343", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html", "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/34067", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/34473", "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2009-0361.html", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/33966", "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1021909", "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-727-1", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487752", "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49063", "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8931", "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/34067", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/34473", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.redhat.com/support/errata/RHSA-2009-0361.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/33966", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1021909", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.ubuntu.com/usn/USN-727-1", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487752", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49063", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8931", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "GNOME NetworkManager before 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors related to org.freedesktop.NetworkManagerUserSettings and at_console."}, {"lang": "es", "value": "network-manager-applet en Ubuntu 8.10 no verifica adecuadamente los privilegios para las peticiones dbus(1) \"modify\" y (2) \"delete\", lo que permite a usuarios locales modificar o eliminar las conexiones de red de usuarios de su elecci\u00f3n a trav\u00e9s de vectores no especificados."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:8.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED67B852-4B37-4B79-8F4D-23B2FEACA4ED"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}