Detections
Analytics
openSUSE Security Update : NetworkManager (NetworkManager-757)
medium Nessus Plugin ID 40177
Synopsis
The remote openSUSE host is missing a security update.Description
The NetworkManager configuration was too permissive and allowed any user to read secrets (CVE-2009-0365) or manipulate the configuration of other users (CVE-2009-0578).With the previous update PPP connections didn't work. This second update fixes that problem.
Additionally a bug where wifi devices didn't work correctly when the machine was booted with killswitch turned on has been fixed. The automatic ethernet connection can now be edited and NetworkManager can now work without ModemManager.
Solution
Update the affected NetworkManager packages.See Also
https://bugzilla.novell.com/show_bug.cgi?id=475851
https://bugzilla.novell.com/show_bug.cgi?id=478080
https://bugzilla.novell.com/show_bug.cgi?id=479566
https://bugzilla.novell.com/show_bug.cgi?id=483576
Plugin Details
Severity: Medium
ID: 40177
File Name: suse_11_1_NetworkManager-090402.nasl
Version: 1.12
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 7/21/2009
Updated: 1/14/2021
Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.1
CVSS v2
Risk Factor: Medium
Base Score: 6.2
Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:C/A:C
Vulnerability Information
CPE: cpe:/o:novell:opensuse:11.1, p-cpe:/a:novell:opensuse:networkmanager-devel, p-cpe:/a:novell:opensuse:networkmanager-glib, p-cpe:/a:novell:opensuse:networkmanager
Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 4/2/2009
Exploitable With
CANVAS (CANVAS)
Reference Information
CVE: CVE-2009-0365, CVE-2009-0578
CWE: 264