CVE 2012-2095
The SetWiredProperty function in the D-Bus interface in WICD before 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message.
Related bugs and status
CVE-2012-2095 (Candidate) is related to these bugs:
Bug #979221: priv escalation exploit for wicd possible
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
979221 | priv escalation exploit for wicd possible | wicd | Critical | Fix Released | ||
979221 | priv escalation exploit for wicd possible | wicd (Ubuntu) | Undecided | Fix Released | ||
979221 | priv escalation exploit for wicd possible | wicd (Debian) | Unknown | Fix Released | ||
979221 | priv escalation exploit for wicd possible | wicd (Ubuntu Lucid) | Undecided | Fix Released | ||
979221 | priv escalation exploit for wicd possible | wicd (Ubuntu Natty) | Undecided | Fix Released | ||
979221 | priv escalation exploit for wicd possible | wicd (Ubuntu Precise) | Undecided | Fix Released | ||
979221 | priv escalation exploit for wicd possible | wicd (Ubuntu Oneiric) | Undecided | Fix Released |
Bug #992177: wicd writes sensitive information in log files (password, passphrase...)
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
992177 | wicd writes sensitive information in log files (password, passphrase...) | wicd (Ubuntu) | Undecided | Fix Released | ||
992177 | wicd writes sensitive information in log files (password, passphrase...) | wicd (Debian) | Unknown | Fix Released | ||
992177 | wicd writes sensitive information in log files (password, passphrase...) | wicd (Ubuntu Lucid) | Undecided | Fix Released | ||
992177 | wicd writes sensitive information in log files (password, passphrase...) | wicd (Ubuntu Natty) | Undecided | Fix Released | ||
992177 | wicd writes sensitive information in log files (password, passphrase...) | wicd (Ubuntu Oneiric) | Undecided | Fix Released |
See the
CVE page on Mitre.org
for more details.