NVD

Id
51290  
Name
CVE-2009-4144  
Description
NetworkManager (NM) 0.7.2 does not ensure that the configured Certification Authority (CA) certificate file for a (1) WPA Enterprise or (2) 802.1x network remains present upon a connection attempt, which might allow remote attackers to obtain sensitive information or cause a denial of service (connectivity disruption) by spoofing the identity of a wireless network.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-07  
Published
2009-12-23  
Modified Date
2010-08-21  
Seq
2009-4144  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
260186 51290 CVE-2009-4144 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560067  View
260187 51290 CVE-2009-4144 http://git.gnome.org/browse/network-manager-applet/commit/?h=NETWORKMANAGER_APPLET_0_7&id=4020594dfbf566f1852f0acb36ad631a9e73a82b  View
260188 51290 CVE-2009-4144 SUSE-SR:2010:002  View
260189 51290 CVE-2009-4144 oval:org.mitre.oval:def:11315  View
260190 51290 CVE-2009-4144 [oss-security] 20091216 NetworkManager CVE assignment  View
260191 51290 CVE-2009-4144 RHSA-2010:0108  View
260192 51290 CVE-2009-4144 37580  View
260193 51290 CVE-2009-4144 https://bugzilla.redhat.com/show_bug.cgi?id=546795  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
41502 JVNDB-2009-002509 NetworkManager における重要な情報を取得される脆弱性 NetworkManager には、WPA Enterprise または 802.1x ネットワーク用に設定された CA 証明書ファイルの取り扱いに不備があるため、重要な情報を取得される、またはサービス運用妨害 (DoS) 状態となる脆弱性が存在します。 CVE-2009-4144 41575 CVE-2009-4144 51290 6.8 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002509.html 2009-12-23 2010-03-08 View