CVE-2009-0489

Name of the Vulnerable Software and Affected Versions wicd versions prior to 1.5.9

Description The issue concerns a problem with the wicd package in Gentoo Linux, where exploitation can lead to a breach of protected information confidentiality. This can be exploited locally. The DBus configuration file for Wicd allows arbitrary users to own org.wicd.daemon, enabling local users to receive messages intended for the Wicd daemon, possibly including credentials.

Recommendations For versions prior to 1.5.9, update to version 1.5.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the DBus configuration file to prevent arbitrary users from owning org.wicd.daemon.