CVE-2009-0365

EPSS 0.12%

network-manager network-manager-applet - information disclosure

Published: 3/5/2009Modified: 4/28/2026

Also known as:DEBIAN-CVE-2009-0365

Description

nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an incorrect deny setting, which allows local users to discover (1) network connection passwords and (2) pre-shared keys via calls to the GetSecrets method in the dbus request handler.

Affected packages (4)

Debian/network-managerfrom 0, < 0.6.5-1
Debian/network-managerfrom 0, < 0.6.4-6+etch1
Debian/network-manager-appletfrom 0, < 0.7.0.99-1
Debian/network-manager-appletfrom 0, < 0.6.6-4+lenny1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-0365