CVE 2012-0813
Wicd before 1.7.1 saves sensitive information in log files in /var/log/wicd, which allows context-dependent attackers to obtain passwords and other sensitive information.
Related bugs and status
CVE-2012-0813 (Candidate) is related to these bugs:
Bug #979221: priv escalation exploit for wicd possible
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
979221 | priv escalation exploit for wicd possible | wicd | Critical | Fix Released | ||
979221 | priv escalation exploit for wicd possible | wicd (Ubuntu) | Undecided | Fix Released | ||
979221 | priv escalation exploit for wicd possible | wicd (Debian) | Unknown | Fix Released | ||
979221 | priv escalation exploit for wicd possible | wicd (Ubuntu Lucid) | Undecided | Fix Released | ||
979221 | priv escalation exploit for wicd possible | wicd (Ubuntu Natty) | Undecided | Fix Released | ||
979221 | priv escalation exploit for wicd possible | wicd (Ubuntu Precise) | Undecided | Fix Released | ||
979221 | priv escalation exploit for wicd possible | wicd (Ubuntu Oneiric) | Undecided | Fix Released |
Bug #992177: wicd writes sensitive information in log files (password, passphrase...)
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
992177 | wicd writes sensitive information in log files (password, passphrase...) | wicd (Ubuntu) | Undecided | Fix Released | ||
992177 | wicd writes sensitive information in log files (password, passphrase...) | wicd (Debian) | Unknown | Fix Released | ||
992177 | wicd writes sensitive information in log files (password, passphrase...) | wicd (Ubuntu Lucid) | Undecided | Fix Released | ||
992177 | wicd writes sensitive information in log files (password, passphrase...) | wicd (Ubuntu Natty) | Undecided | Fix Released | ||
992177 | wicd writes sensitive information in log files (password, passphrase...) | wicd (Ubuntu Oneiric) | Undecided | Fix Released |
See the
CVE page on Mitre.org
for more details.