6.8

CVE-2006-7246

Exploit
NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnomeNetworkmanager Version >= 0.9.0 <= 0.9.9.98
OpensuseOpensuse Version11.3
OpensuseOpensuse Version11.4
OpensuseOpensuse Version12.1
SuseLinux Enterprise Desktop Version11 Updatesp1
SuseLinux Enterprise Server Version11 Updatesp1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.88% 0.545
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 1.6 5.2
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
nvd@nist.gov 3.2 3.2 4.9
AV:A/AC:H/Au:N/C:P/I:P/A:N
CWE-295 Improper Certificate Validation

The product does not validate, or incorrectly validates, a certificate.

http://www.openwall.com/lists/oss-security/2010/04/22/2
Third Party Advisory
Mailing List
https://bugzilla.gnome.org/show_bug.cgi?id=341323
Patch
Vendor Advisory
Exploit
Issue Tracking
https://bugzilla.novell.com/show_bug.cgi?id=574266
Patch
Exploit
Issue Tracking
https://lwn.net/Articles/468868/
Patch
Third Party Advisory
Exploit