Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 769807 - (CVE-2012-1096) CVE-2012-1096 NetworkManager, wpa_supplicant: Improper x509v3 certificate and key file paths sanitization
CVE-2012-1096 NetworkManager, wpa_supplicant: Improper x509v3 certificate and...
Status: CLOSED UPSTREAM
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
impact=low,public=20120229,reported=2...
: Security
: 799194 (view as bug list)
Depends On: 799202
Blocks: 756419
  Show dependency treegraph
 
Reported: 2011-12-22 05:50 EST by Jan Lieskovsky
Modified: 2015-07-31 02:46 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-06-13 12:34:01 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Jan Lieskovsky 2011-12-22 05:50:00 EST 
A security flaw was found in the way NetworkManager, a network connections manager, and wpa_supplicant, a WPA/WPA2/IEEE 802.1X supplicant, performed system file paths sanitization for x509v3 certificate and private key files, used for connection to trusted networks. A local attacker, with the privilege to add new network connection, could use this flaw to read arbitrary system files.
Comment 3 Jan Lieskovsky 2011-12-22 06:00:05 EST 
Acknowledgements:

Red Hat would like to thank Ludwig Nussel of the SUSE security team for reporting this issue.
Comment 4 Jan Lieskovsky 2012-03-01 11:56:54 EST 
Public via:
[1] http://www.openwall.com/lists/oss-security/2012/02/29/2
Comment 5 Jan Lieskovsky 2012-03-02 03:38:37 EST 
Created NetworkManager tracking bugs for this issue

Affects: fedora-all [bug 799202]
Comment 6 Jan Lieskovsky 2012-03-02 03:42:11 EST 
*** Bug 799194 has been marked as a duplicate of this bug. ***
Comment 10 Josh Bressers 2014-06-13 12:34:01 EDT 
We expect this to be fixed upstream in a future release.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.