Ubuntu error permission restriction Vulnerability

Dnetwork-manager-applet is a network management program used in Ubuntu. It has the error permission restriction vulnerability. Affected System: UbuntuLinux8.10UbuntuLinux8.04UbuntuLinux7.10UbuntuLinux6.06LTS Description :-----------------------------------------------------------

Dnetwork-manager-applet is a network management program used in Ubuntu. It has the error permission restriction vulnerability.

Affected Systems:
Ubuntu Linux 8.10
Ubuntu Linux 8.04
Ubuntu Linux 7.10
Ubuntu Linux 6.06 LTS

Description:
--------------------------------------------------------------------------------
Bugtraq id: 33966
CVE (CAN) ID: CVE-2009-0365, CVE-2009-0578

Dnetwork-manager-applet is the network management program used in the Ubuntu system.

The network-manager-applet does not correctly force the permission when responding to the authorization request. Local users can use the authorization request to view the network connection password and pre-shared key of other users.

The network-manager-applet does not correctly force permissions when responding to the volume modify and delete requests. Local users can use the volume request to modify or delete network Connections of other users.

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

Ubuntu
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.ubuntulinux.org/