CVE-2009-4144

Name of the Vulnerable Software and Affected Versions NetworkManager versions 0.7.0 through 0.7.2 NetworkManager-gnome version 0.7.0 NetworkManager-glib version 0.7.0 NetworkManager-glib-devel version 0.7.0 NetworkManager-devel version 0.7.0

Description The issue affects the NetworkManager package, allowing remote attackers to exploit vulnerabilities and potentially disrupt the confidentiality, integrity, and availability of protected information. This can be achieved by spoofing the identity of a wireless network, particularly in WPA Enterprise or 802.1x networks, if the configured Certification Authority (CA) certificate file is not properly ensured to remain present upon a connection attempt.

Recommendations For NetworkManager versions 0.7.0 through 0.7.2, consider updating to a version where the Certification Authority (CA) certificate file remains present upon a connection attempt to prevent spoofing. For NetworkManager-gnome version 0.7.0, restrict access to sensitive information until a patch is available. For NetworkManager-glib version 0.7.0, avoid using the vulnerable package until an update is provided. For NetworkManager-glib-devel version 0.7.0, disable the development package until a secure version is released. For NetworkManager-devel version 0.7.0, refrain from using the development package until a fix is available.