CVE-2009-0578

NameCVE-2009-0578
DescriptionGNOME NetworkManager before 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors related to org.freedesktop.NetworkManagerUserSettings and at_console.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs519801

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
network-manager-applet (PTS)jessie0.9.10.0-2fixed
stretch1.4.4-1+deb9u1fixed
buster1.8.20-1.1fixed
bullseye1.20.0-3fixed
bookworm1.30.0-2fixed
sid, trixie1.36.0-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
network-manager-appletsourcelenny(not affected)
network-manager-appletsource(unstable)0.7.0.99-1medium519801

Notes

[lenny] - network-manager-applet <not-affected> (Bug affected the 0.7.x series)

Search for package or bug name: Reporting problems