1
Candidate: CVE-2011-3364
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3364
5
https://rhn.redhat.com/errata/RHSA-2011-1338.html
7
Incomplete blacklist vulnerability in the svEscape function in
8
settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME
9
NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when
10
PolicyKit is configured to allow users to create new connections, allows
11
local users to execute arbitrary commands via a newline character in the
12
name for a new network connection, which is not properly handled when
13
writing to the ifcfg file.
16
mdeslaur> This is for the redhat-specific plugin, but we need to check
17
mdeslaur> if the debian plugin has the same flaw, as it may be based on
18
mdeslaur> the same code
19
mdeslaur> We don't look vulnerable to this, and embedded newline chars
20
mdeslaur> seem to be handled correctly.
22
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3364
24
Discovered-by: Matt McCutchen
27
Patches_network-manager:
28
upstream_network-manager: needs-triage
29
hardy_network-manager: ignored (reached end-of-life)
30
lucid_network-manager: not-affected
31
maverick_network-manager: not-affected
32
natty_network-manager: not-affected
33
oneiric_network-manager: not-affected
34
devel_network-manager: not-affected