{ "threat_severity" : "Important", "public_date" : "2011-09-26T00:00:00Z", "bugzilla" : { "description" : "NetworkManager: Console user can escalate to root via newlines in ifcfg-rh connection name", "id" : "737338", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=737338" }, "cvss" : { "cvss_base_score" : "6.9", "cvss_scoring_vector" : "AV:L/AC:M/Au:N/C:C/I:C/A:C", "status" : "verified" }, "details" : [ "Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when PolicyKit is configured to allow users to create new connections, allows local users to execute arbitrary commands via a newline character in the name for a new network connection, which is not properly handled when writing to the ifcfg file." ], "statement" : "Not vulnerable. This issue did not affect the versions of NetworkManager as shipped with Red Hat Enterprise Linux 4 or 5 as they did not include support for writing NetworkManager configurations to the standard /etc/sysconfig/network-scripts/ifcfg-* files.", "acknowledgement" : "Red Hat would like to thank Matt McCutchen for reporting this issue.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2011-09-26T00:00:00Z", "advisory" : "RHSA-2011:1338", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "NetworkManager-1:0.8.1-9.el6_1.3", "impact" : "moderate" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 4", "fix_state" : "Not affected", "package_name" : "NetworkManager", "cpe" : "cpe:/o:redhat:enterprise_linux:4" }, { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Not affected", "package_name" : "NetworkManager", "cpe" : "cpe:/o:redhat:enterprise_linux:5" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2011-3364\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-3364" ], "name" : "CVE-2011-3364", "csaw" : false }