Name | NetworkManagerUnSecret |
CVE | CVE-2009-0365 |
Exploit Pack | CANVAS |
Description | NetworkManager: GetSecrets disclosure |
Notes | CVE Name: CVE-2009-0365 VENDOR: Linux Notes: This allows you to get secrets about wireless network connections from the NetworkManager (0.6.x and 0.7.x) for connections that other users have set up, for it to work correctly another user must be logged in with NetworkManager running in their context (e.g. have the nm-applet running in their task bar). The exploit simply uploads a path script to do the querying of the DBUS interfaces. The dbus python package is required to be present on the target for the script to run correctly, however this appears to be installed by default on most modern linux distributions. If it is not you could always upload and install it yourself :) Repeatability: Infinite References: http://www.securityfocus.com/bid/33966 CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0365 CERT Advisory: None Date public: 03/03/2009 CVSS: 4.6 |
Learn more about the CANVAS Exploit Pack here: CANVAS |