CVSS: 3.3EPSS: 1%CPEs: 1EXPL: 0CVE-2015-2924 – NetworkManager: denial of service (DoS) attack against IPv6 network stacks due to improper handling of Router Advertisements
https://notcve.org/view.php?id=CVE-2015-2924
The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in NetworkManager 1.x allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message, a similar issue to CVE-2015-2922. La función receive_ra en rdisc/nm-lndp-rdisc.c en la implementación del protocolo Neighbor Discovery (ND) en la pila IPv6 en NetworkManager 1.x permite a atacantes remotos reconfigurar un ajuste de límite de salto a través de un valor hop_limit pequeño en un mensaje Router Advertisement (RA), un problema similar a CVE-2015-2922. A flaw was found in the way NetworkManager handled router advertisements. An unprivileged user on a local network could use IPv6 Neighbor Discovery ICMP to broadcast a non-route with a low hop limit, causing machines to lower the hop limit on existing IPv6 routes. If this limit is small enough, IPv6 packets would be dropped before reaching the final destination. • http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157803.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158103.html http://openwall.com/lists/oss-security/2015/04/04/2 http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/76879 https://security.gentoo.org/glsa/201509-05 https://access.redhat.com/security/cve/CVE-2015-2924 https://bugzilla.redhat.com/show_bug.cgi?id=1209902 • CWE-20: Improper Input Validation CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 5.0EPSS: 2%CPEs: 25EXPL: 0CVE-2015-0272 – NetworkManager: remote DoS using IPv6 RA with bogus MTU
https://notcve.org/view.php?id=CVE-2015-0272
GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215. NOME NetworkManager permite a atacantes remotos causar una denegación de servicio (interrupción del tráfico IPv6) a través de un valor MTU manipulado en un mensaje Router Advertisement (RA) IPv6, una vulnerabilidad diferente a CVE-2015-8215. It was discovered that NetworkManager would set device MTUs based on MTU values received in IPv6 RAs (Router Advertisements), without sanity checking the MTU value first. A remote attacker could exploit this flaw to create a denial of service attack, by sending a specially crafted IPv6 RA packet to disturb IPv6 communication. • http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=d5fc88e573fa58b93034b04d35a2454f5d28cad9 http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html http://lists.opensuse.org/opensuse-security&# • CWE-20: Improper Input Validation •
CVSS: 2.1EPSS: 0%CPEs: 16EXPL: 0CVE-2011-2176 – NetworkManager: Did not honour PolicyKit auth_admin action element by creation of Ad-Hoc wireless networks
https://notcve.org/view.php?id=CVE-2011-2176
GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vectors. GNOME NetworkManager antes de v0.8.6 G no aplica correctamente el elemento auth_admin de PolicyKit, lo que permite a usuarios locales eludir restricciones intencionadas en el intercambio de redes inalámbricas a través de vectores no especificados. • http://cgit.freedesktop.org/NetworkManager/NetworkManager/plain/NEWS?h=NM_0_8 http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063665.html http://secunia.com/advisories/44858 http://securitytracker.com/id?1025711 http://www.mandriva.com/security/advisories?name=MDVSA-2011:171 http://www.redhat.com/support/errata/RHSA-2011-0930.html https://bugzilla.redhat.com/show_bug.cgi?id=709662 https://access.redhat.com/security/cve/CVE-2011-2176 • CWE-287: Improper Authentication •
CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0CVE-2011-1943
https://notcve.org/view.php?id=CVE-2011-1943
The destroy_one_secret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0.8.999-3.git20110526 in Fedora 15 creates a log entry containing a certificate password, which allows local users to obtain sensitive information by reading a log file. La función destroy_one_secret en nm-setting-vpn.c en libnm-util en el paquete de NetworkManager v0.8.999-3.git20110526 en Fedora 15 crea una entrada de registro que contiene una contraseña del certificado, que permite a usuarios locales obtener información sensible mediante la lectura de un archivo de registro. • http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=78ce088843d59d4494965bfc40b30a2e63d065f6 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061329.html http://www.openwall.com/lists/oss-security/2011/05/31/6 http://www.openwall.com/lists/oss-security/2011/05/31/7 https://bugzilla.redhat.com/show_bug.cgi?id=708876 https://exchange.xforce.ibmcloud.com/vulnerabilities/68057 • CWE-532: Insertion of Sensitive Information into Log File •