CVE-2011-2176

GNOME NetworkManager <0.8.6 - Privilege Escalation

Title source: llm

Description

GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vectors.

References (7)

Core 7

Core References

Various Sources x_refsource_confirm

http://cgit.freedesktop.org/NetworkManager/NetworkManager/plain/NEWS?h=NM_0_8

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1025711

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063665.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2011-0930.html

Issue Tracking x_refsource_confirm

https://bugzilla.redhat.com/show_bug.cgi?id=709662

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2011:171

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/44858

Scores

EPSS 0.0005

EPSS Percentile 16.9%

Details

CWE

CWE-287

Status published

Products (16)

gnome/networkmanager 0.2.0

gnome/networkmanager 0.3.0

gnome/networkmanager 0.3.1

gnome/networkmanager 0.4.1

gnome/networkmanager 0.5.0

gnome/networkmanager 0.5.1

gnome/networkmanager 0.6.0

gnome/networkmanager 0.6.1

gnome/networkmanager 0.6.2

gnome/networkmanager 0.6.6

... and 6 more

Published Sep 02, 2011

Tracked Since Feb 18, 2026