Vulnerabilities > CVE-2009-0489 - Configuration vulnerability in David Paleino Wicd
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: NONE
Availability impact: NONE
Summary
The DBus configuration file for Wicd before 1.5.9 allows arbitrary users to own org.wicd.daemon, which allows local users to receive messages that were intended for the Wicd daemon, possibly including credentials.
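As an added illustration (not copied from the Wicd sources or any advisory on this page), the shape of a D-Bus system-bus policy that produces this weakness, beside the corrected form. The file path, element layout and the send_destination rule are assumptions; the bus name org.wicd.daemon is the one named in the summary.

```xml
<!-- Two versions of the Wicd system-bus policy (path /etc/dbus-1/system.d/wicd.conf
     and layout assumed, not copied from the project): the weak form behind
     CVE-2009-0489 and the corrected form. A real file holds only one <busconfig>. -->

<!-- WEAK: the "default" context applies to every local uid, so any user
     may claim org.wicd.daemon and receive calls meant for the daemon,
     including those that carry credentials. -->
<busconfig>
  <policy context="default">
    <allow own="org.wicd.daemon"/>
    <allow send_destination="org.wicd.daemon"/>
  </policy>
</busconfig>

<!-- CORRECTED: ownership is granted only to connections from uid root
     (the daemon); other users keep send access but can no longer own the
     name. dbus-daemon denies owning a name unless a rule allows it and
     applies user policies after the default context, so the explicit deny
     documents the intent rather than adding to it. -->
<busconfig>
  <policy user="root">
    <allow own="org.wicd.daemon"/>
  </policy>
  <policy context="default">
    <deny own="org.wicd.daemon"/>
    <allow send_destination="org.wicd.daemon"/>
  </policy>
</busconfig>
```

To verify a deployed policy, `dbus-send --system --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetConnectionUnixUser string:org.wicd.daemon` reports the uid currently holding the name; anything other than 0 while the daemon is running means the policy is still too permissive.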
Vulnerable Configurations
Common Weakness Enumeration (CWE): CWE-16 (Configuration), as recorded by the Nessus plugins below via script_cwe_id(16)
Nessus
NASL family: Gentoo Local Security Checks
NASL id: GENTOO_GLSA-200904-12.NASL
description: The remote host is affected by the vulnerability described in GLSA-200904-12 (Wicd: Information disclosure). Tiziano Mueller of Gentoo discovered that the DBus configuration file for Wicd allows arbitrary users to own the org.wicd.daemon object. Impact: A local attacker could exploit this vulnerability to receive messages that were intended for the Wicd daemon, possibly including credentials, e.g. for wireless networks. Workaround: There is no known workaround at this time.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 36140
published: 2009-04-11
reporter: This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/36140
title: GLSA-200904-12 : Wicd: Information disclosure
code:

#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200904-12.
#
# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include("compat.inc");

if (description)
{
  script_id(36140);
  script_version("1.13");
  script_cvs_date("Date: 2019/08/02 13:32:45");

  script_cve_id("CVE-2009-0489");
  script_xref(name:"GLSA", value:"200904-12");

  script_name(english:"GLSA-200904-12 : Wicd: Information disclosure");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Gentoo host is missing one or more security-related patches."
  );
  script_set_attribute(
    attribute:"description",
    value:
"The remote host is affected by the vulnerability described in GLSA-200904-12
(Wicd: Information disclosure)
    Tiziano Mueller of Gentoo discovered that the DBus configuration file
    for Wicd allows arbitrary users to own the org.wicd.daemon object.
  Impact :
    A local attacker could exploit this vulnerability to receive messages
    that were intended for the Wicd daemon, possibly including credentials
    e.g. for wireless networks.
  Workaround :
    There is no known workaround at this time."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/200904-12"
  );
  script_set_attribute(
    attribute:"solution",
    value:
"All Wicd users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose '>=net-misc/wicd-1.5.9'"
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
  script_cwe_id(16);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:wicd");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/04/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/11");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

flag = 0;

if (qpkg_check(package:"net-misc/wicd", unaffected:make_list("ge 1.5.9"), vulnerable:make_list("lt 1.5.9"))) flag++;

if (flag)
{
  if (report_verbosity > 0) security_note(port:0, extra:qpkg_report_get());
  else security_note(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Wicd");
}
NASL family: Slackware Local Security Checks
NASL id: SLACKWARE_SSA_2009-040-01.NASL
description: New wicd packages are available for Slackware 12.2 and -current to fix a security issue with the D-Bus configuration file that could allow local information disclosure (such as network credentials).
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 35636
published: 2009-02-12
reporter: This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/35636
title: Slackware 12.2 / current : wicd (SSA:2009-040-01)
code:

#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Slackware Security Advisory 2009-040-01. The text
# itself is copyright (C) Slackware Linux, Inc.
#

include("compat.inc");

if (description)
{
  script_id(35636);
  script_version("1.12");
  script_cvs_date("Date: 2019/10/25 13:36:21");

  script_cve_id("CVE-2009-0489");
  script_xref(name:"SSA", value:"2009-040-01");

  script_name(english:"Slackware 12.2 / current : wicd (SSA:2009-040-01)");
  script_summary(english:"Checks for updated package in /var/log/packages");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Slackware host is missing a security update."
  );
  script_set_attribute(
    attribute:"description",
    value:
"New wicd packages are available for Slackware 12.2 and -current to fix
a security issue with the D-Bus configuration file that could allow
local information disclosure (such as network credentials)."
  );
  # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.384360
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?8983b9c8"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected wicd package.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
  script_cwe_id(16);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:wicd");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:12.2");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/02/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/02/12");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
  script_family(english:"Slackware Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("slackware.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);

flag = 0;
if (slackware_check(osver:"12.2", pkgname:"wicd", pkgver:"1.5.9", pkgarch:"noarch", pkgnum:"1_slack12.2")) flag++;
if (slackware_check(osver:"current", pkgname:"wicd", pkgver:"1.5.9", pkgarch:"noarch", pkgnum:"1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_note(port:0, extra:slackware_report_get());
  else security_note(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 33658. CVE(CAN) ID: CVE-2009-0489. Wicd is an open-source wired and wireless network manager for Linux. Wicd's dbus configuration file by default allows any user to own the org.wicd.daemon object, which may let a local user receive messages that were meant for the wicd daemon; those messages can contain sensitive information such as network credentials. Affected: Wicd <= 1.5.8. Vendor patches: Gentoo ------ Gentoo has published a security advisory (GLSA-200904-12) and the corresponding fix: GLSA-200904-12: Wicd: Information disclosure. Link: http://security.gentoo.org/glsa/glsa-200904-12.xml All Wicd users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/wicd-1.5.9" Wicd ---- The vendor has released an updated version that fixes this issue; download it from the vendor's site: http://downloads.sourceforge.net/wicd/wicd-1.5.9.tar.gz?modtime=1233963450&big_mirror=0 |
id | SSV:5040 |
last seen | 2017-11-19 |
modified | 2009-04-13 |
published | 2009-04-13 |
reporter | Root |
title | Wicd wicd.conf default configuration local information disclosure vulnerability |
References
- http://bazaar.launchpad.net/~wicd-devel/wicd/trunk/revision/222
- http://secunia.com/advisories/33870
- http://secunia.com/advisories/34685
- http://security.gentoo.org/glsa/glsa-200904-12.xml
- http://sourceforge.net/project/shownotes.php?group_id=194573&release_id=659059
- http://www.openwall.com/lists/oss-security/2009/02/06/4