Vulnerabilities > CVE-2009-0489 - Configuration vulnerability in David Paleino Wicd

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
local
low complexity
david-paleino
CWE-16
nessus

Summary

The DBus configuration file for Wicd before 1.5.9 allows arbitrary users to own org.wicd.daemon, which allows local users to receive messages that were intended for the Wicd daemon, possibly including credentials.

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200904-12.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200904-12 (Wicd: Information disclosure) Tiziano Mueller of Gentoo discovered that the DBus configuration file for Wicd allows arbitrary users to own the org.wicd.daemon object. Impact : A local attacker could exploit this vulnerability to receive messages that were intended for the Wicd daemon, possibly including credentials e.g. for wireless networks. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id36140
    published2009-04-11
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/36140
    titleGLSA-200904-12 : Wicd: Information disclosure
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 200904-12.
    #
    # The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(36140);
      script_version("1.13");
      script_cvs_date("Date: 2019/08/02 13:32:45");
    
      script_cve_id("CVE-2009-0489");
      script_xref(name:"GLSA", value:"200904-12");
    
      script_name(english:"GLSA-200904-12 : Wicd: Information disclosure");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-200904-12
    (Wicd: Information disclosure)
    
        Tiziano Mueller of Gentoo discovered that the DBus configuration file
        for Wicd allows arbitrary users to own the org.wicd.daemon object.
      
    Impact :
    
        A local attacker could exploit this vulnerability to receive messages
        that were intended for the Wicd daemon, possibly including credentials
        e.g. for wireless networks.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/200904-12"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All Wicd users should upgrade to the latest version:
        # emerge --sync
        # emerge --ask --oneshot --verbose '>=net-misc/wicd-1.5.9'"
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
      script_cwe_id(16);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:wicd");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/04/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/11");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"net-misc/wicd", unaffected:make_list("ge 1.5.9"), vulnerable:make_list("lt 1.5.9"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_note(port:0, extra:qpkg_report_get());
      else security_note(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Wicd");
    }
    
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2009-040-01.NASL
    descriptionNew wicd packages are available for Slackware 12.2 and -current to fix a security issue with the D-Bus configuration file that could allow local information disclosure (such as network credentials).
    last seen2020-06-01
    modified2020-06-02
    plugin id35636
    published2009-02-12
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/35636
    titleSlackware 12.2 / current : wicd (SSA:2009-040-01)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Slackware Security Advisory 2009-040-01. The text 
    # itself is copyright (C) Slackware Linux, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(35636);
      script_version("1.12");
      script_cvs_date("Date: 2019/10/25 13:36:21");
    
      script_cve_id("CVE-2009-0489");
      script_xref(name:"SSA", value:"2009-040-01");
    
      script_name(english:"Slackware 12.2 / current : wicd (SSA:2009-040-01)");
      script_summary(english:"Checks for updated package in /var/log/packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Slackware host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "New wicd packages are available for Slackware 12.2 and -current to
    fix a security issue with the D-Bus configuration file that could
    allow local information disclosure (such as network credentials)."
      );
      # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.384360
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?8983b9c8"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected wicd package.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
      script_cwe_id(16);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:wicd");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:12.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/02/09");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/02/12");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"Slackware Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("slackware.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
    if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);
    
    
    flag = 0;
    if (slackware_check(osver:"12.2", pkgname:"wicd", pkgver:"1.5.9", pkgarch:"noarch", pkgnum:"1_slack12.2")) flag++;
    
    if (slackware_check(osver:"current", pkgname:"wicd", pkgver:"1.5.9", pkgarch:"noarch", pkgnum:"1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_note(port:0, extra:slackware_report_get());
      else security_note(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 33658 CVE(CAN) ID: CVE-2009-0489 Wicd是Linux平台下的开源有线和无线网络管理器。 Wicd的dbus配置文件默认允许任何用户拥有org.wicd.daemon对象,这可能允许用户接收本应发送给wicd守护程序的消息,消息中包含网络凭据等敏感信息。 Wicd &lt;= 1.5.8 厂商补丁: Gentoo ------ Gentoo已经为此发布了一个安全公告(GLSA-200904-12)以及相应补丁: GLSA-200904-12:Wicd: Information disclosure 链接:<a href=http://security.gentoo.org/glsa/glsa-200904-12.xml target=_blank rel=external nofollow>http://security.gentoo.org/glsa/glsa-200904-12.xml</a> 所有Wicd用户都应升级到最新版本: # emerge --sync # emerge --ask --oneshot --verbose &quot;&gt;=net-misc/wicd-1.5.9&quot; Wicd ---- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href=http://downloads.sourceforge.net/wicd/wicd-1.5.9.tar.gz?modtime=1233963450&amp;big_mirror=0 target=_blank rel=external nofollow>http://downloads.sourceforge.net/wicd/wicd-1.5.9.tar.gz?modtime=1233963450&amp;big_mirror=0</a>
idSSV:5040
last seen2017-11-19
modified2009-04-13
published2009-04-13
reporterRoot
titleWicd wicd.conf默认配置本地信息泄露漏洞