Fluid Attacks Database

Description

GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vectors.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	network-manager	>=0 <0.9.0-1	0.9.0-1
debian 11	network-manager	>=0 <0.9.0-1	0.9.0-1
debian 13	network-manager	>=0 <0.9.0-1	0.9.0-1
debian 12	network-manager	>=0 <0.9.0-1	0.9.0-1
rpm rhel6	NetworkManager	<1:0.8.1-9.el6_1.1	1:0.8.1-9.el6_1.1

Aliases

1. CVE-2011-21762. NVD-2011-21763. OSV-DEBIAN-2011-21764. OSV-2011-21765. SECURITY-TRACKER-CVE-2011-2176

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.