Search criteria
3 vulnerabilities by david_paleino
CVE-2012-2095 (GCVE-0-2012-2095)
Vulnerability from cvelistv5 – Published: 2014-04-07 15:00 – Updated: 2024-08-06 19:26
VLAI?
Summary
The SetWiredProperty function in the D-Bus interface in WICD before 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
Date Public ?
2012-04-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:26:07.705Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48759",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48759"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668397"
},
{
"name": "52987",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52987"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://launchpad.net/wicd/+announcement/9888"
},
{
"name": "[oss-security] 20120411 CVE id request: wicd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/04/11/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/wicd/+bug/979221"
},
{
"name": "49657",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49657"
},
{
"name": "FEDORA-2012-5909",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079055.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.infosecinstitute.com/courses/ethical-hacking-wicd-0day.html"
},
{
"name": "FEDORA-2012-5923",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079029.html"
},
{
"name": "[oss-security] 20120411 Re: CVE id request: wicd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/04/11/3"
},
{
"name": "18733",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/18733"
},
{
"name": "GLSA-201206-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-201206-08.xml"
},
{
"name": "FEDORA-2012-5858",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079025.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bazaar.launchpad.net/~wicd-devel/wicd/experimental/revision/751"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-04-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The SetWiredProperty function in the D-Bus interface in WICD before 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-07T14:57:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "48759",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48759"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668397"
},
{
"name": "52987",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52987"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://launchpad.net/wicd/+announcement/9888"
},
{
"name": "[oss-security] 20120411 CVE id request: wicd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/04/11/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/wicd/+bug/979221"
},
{
"name": "49657",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49657"
},
{
"name": "FEDORA-2012-5909",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079055.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.infosecinstitute.com/courses/ethical-hacking-wicd-0day.html"
},
{
"name": "FEDORA-2012-5923",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079029.html"
},
{
"name": "[oss-security] 20120411 Re: CVE id request: wicd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/04/11/3"
},
{
"name": "18733",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/18733"
},
{
"name": "GLSA-201206-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-201206-08.xml"
},
{
"name": "FEDORA-2012-5858",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079025.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bazaar.launchpad.net/~wicd-devel/wicd/experimental/revision/751"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-2095",
"datePublished": "2014-04-07T15:00:00.000Z",
"dateReserved": "2012-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-06T19:26:07.705Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0813 (GCVE-0-2012-0813)
Vulnerability from cvelistv5 – Published: 2012-06-29 19:00 – Updated: 2024-08-06 18:38
VLAI?
Summary
Wicd before 1.7.1 saves sensitive information in log files in /var/log/wicd, which allows context-dependent attackers to obtain passwords and other sensitive information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:38:14.777Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://launchpad.net/wicd/+announcement/9570"
},
{
"name": "[oss-security] 20120126 Re: CVE request: wicd writes sensitive information in log files (password, passphrase...)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/26/14"
},
{
"name": "51703",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/51703"
},
{
"name": "49657",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49657"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bazaar.launchpad.net/~wicd-devel/wicd/experimental/revision/682"
},
{
"name": "[oss-security] 20120126 CVE request: wicd writes sensitive information in log files (password, passphrase...)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/26/13"
},
{
"name": "GLSA-201206-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201206-08.xml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652417"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Wicd before 1.7.1 saves sensitive information in log files in /var/log/wicd, which allows context-dependent attackers to obtain passwords and other sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-06-29T19:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://launchpad.net/wicd/+announcement/9570"
},
{
"name": "[oss-security] 20120126 Re: CVE request: wicd writes sensitive information in log files (password, passphrase...)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/26/14"
},
{
"name": "51703",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/51703"
},
{
"name": "49657",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49657"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bazaar.launchpad.net/~wicd-devel/wicd/experimental/revision/682"
},
{
"name": "[oss-security] 20120126 CVE request: wicd writes sensitive information in log files (password, passphrase...)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/26/13"
},
{
"name": "GLSA-201206-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201206-08.xml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652417"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0813",
"datePublished": "2012-06-29T19:00:00.000Z",
"dateReserved": "2012-01-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:38:14.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0489 (GCVE-0-2009-0489)
Vulnerability from cvelistv5 – Published: 2009-02-09 20:00 – Updated: 2024-08-07 04:40
VLAI?
Summary
The DBus configuration file for Wicd before 1.5.9 allows arbitrary users to own org.wicd.daemon, which allows local users to receive messages that were intended for the Wicd daemon, possibly including credentials.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2009-02-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:40:03.449Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200904-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200904-12.xml"
},
{
"name": "34685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34685"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=194573\u0026release_id=659059"
},
{
"name": "[oss-security] 20090206 CVE Request - Wicd \u003c= 1.5.8",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/02/06/4"
},
{
"name": "33870",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33870"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bazaar.launchpad.net/~wicd-devel/wicd/trunk/revision/222"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-02-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The DBus configuration file for Wicd before 1.5.9 allows arbitrary users to own org.wicd.daemon, which allows local users to receive messages that were intended for the Wicd daemon, possibly including credentials."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-04-16T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200904-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200904-12.xml"
},
{
"name": "34685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34685"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=194573\u0026release_id=659059"
},
{
"name": "[oss-security] 20090206 CVE Request - Wicd \u003c= 1.5.8",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/02/06/4"
},
{
"name": "33870",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33870"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bazaar.launchpad.net/~wicd-devel/wicd/trunk/revision/222"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DBus configuration file for Wicd before 1.5.9 allows arbitrary users to own org.wicd.daemon, which allows local users to receive messages that were intended for the Wicd daemon, possibly including credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200904-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200904-12.xml"
},
{
"name": "34685",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34685"
},
{
"name": "http://sourceforge.net/project/shownotes.php?group_id=194573\u0026release_id=659059",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?group_id=194573\u0026release_id=659059"
},
{
"name": "[oss-security] 20090206 CVE Request - Wicd \u003c= 1.5.8",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/02/06/4"
},
{
"name": "33870",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33870"
},
{
"name": "http://bazaar.launchpad.net/~wicd-devel/wicd/trunk/revision/222",
"refsource": "CONFIRM",
"url": "http://bazaar.launchpad.net/~wicd-devel/wicd/trunk/revision/222"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0489",
"datePublished": "2009-02-09T20:00:00.000Z",
"dateReserved": "2009-02-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:40:03.449Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}