Candidate: CVE-2011-2176
PublicDate: 2011-09-02 23:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2176
 http://lwn.net/Alerts/469005/
Description:
 GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin
 element in PolicyKit, which allows local users to bypass intended wireless
 network sharing restrictions via unspecified vectors.
Ubuntu-Description:
Notes:
 mdeslaur> lucid needs a backport of the whole policykit handling code,
 mdeslaur> too intrusive, likely to cause regressions.
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631520
 https://bugzilla.redhat.com/show_bug.cgi?id=709662
 https://bugzilla.novell.com/show_bug.cgi?id=702016
Priority: low
Discovered-by:
Assigned-to: 
CVSS: 

Patches_network-manager:
 upstream: http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=e7273c1609ac267e1d77ff03c97c8929f15e3737
 upstream: http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=287fe10c40ae9b90ce703b79f3479b755f0956c0
 upstream: http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=e5085f950730b1e2e68645231e2042127c29a82e
upstream_network-manager: needs-triage
hardy_network-manager: ignored (reached end-of-life)
lucid_network-manager: ignored (reached end-of-life)
maverick_network-manager: ignored (reached end-of-life)
natty_network-manager: ignored (reached end-of-life)
oneiric_network-manager: not-affected (0.9.0-0ubuntu1)
precise_network-manager: not-affected (0.9.0-0ubuntu1)
quantal_network-manager: not-affected (0.9.0-0ubuntu1)
raring_network-manager: not-affected (0.9.0-0ubuntu1)
devel_network-manager: not-affected (0.9.0-0ubuntu1)