[Secure-testing-team] Bug#560067: network-manager-gnome: nm connects to WPA2 with certificate after .pem file was delated

Witold Baryluk baryluk at smp.if.uj.edu.pl
Tue Dec 8 17:40:44 UTC 2009 

Package: network-manager-gnome
Version: 0.7.2-1
Severity: grave
Tags: security
Justification: user security hole

After configuring WPA2 Enterprise with TTLS and PAP, I was using certificate file
in /etc/ssl/certs/...pem  (autmatically imported from /usr/local/share/ca-certificates/domain/certrootfile.crt)


Then i reinstalled system, and not configured certifcates yet.

After reinstalling system and restoring /home directory, i logged into my new stystem.

After giving password to gnome-keyring NM automatically connected to my network,
even cosindering that it is not existing:

** (nm-applet:6704): WARNING **: utils_fill_connection_certs: couldn't read CA certificate: 4 Nie można otworzyć pliku "/etc/ssl/certs/SMP_Root_Certification_Authority_2.pem": Nie ma takiego pliku ani katalogu



But NM thinks that it should connect anyway. And it connects,
possibly leaking my credentials, login and password, and all
keys, and of course network traffic.


It should be considerebly more verbose error provided to an user (using nm-applet),
and NM should abort connecting.



-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.31-1-686-bigmem (SMP w/1 CPU core)
Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to pl_PL.UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages network-manager-gnome depends on:
ii  dbus-x11                      1.2.16-2   simple interprocess messaging syst
ii  gconf2                        2.28.0-1   GNOME configuration database syste
ii  gnome-icon-theme              2.28.0-1   GNOME Desktop icon theme
ii  libc6                         2.10.2-2   GNU C Library: Shared libraries
ii  libdbus-1-3                   1.2.16-2   simple interprocess messaging syst
ii  libdbus-glib-1-2              0.82-2     simple interprocess messaging syst
ii  libgconf2-4                   2.28.0-1   GNOME configuration database syste
ii  libglade2-0                   1:2.6.4-1  library to load .glade files at ru
ii  libglib2.0-0                  2.22.3-1   The GLib library of C routines
ii  libgnome-keyring0             2.28.1-2   GNOME keyring services library
ii  libgtk2.0-0                   2.18.4-1   The GTK+ graphical user interface 
ii  libnm-glib-vpn0               0.7.2-2    network management framework (GLib
ii  libnm-glib0                   0.7.2-2    network management framework (GLib
ii  libnm-util1                   0.7.2-2    network management framework (shar
ii  libnotify1 [libnotify1-gtk2.1 0.4.5-1    sends desktop notifications to a n
ii  libpango1.0-0                 1.26.1-1   Layout and rendering of internatio
ii  libpolkit-gnome0              0.9.2-2    PolicyKit-gnome library
ii  libpolkit2                    0.9-4      library for accessing PolicyKit
ii  network-manager               0.7.2-2    network management framework daemo
ii  policykit-gnome               0.9.2-2    GNOME dialogs for PolicyKit

Versions of packages network-manager-gnome recommends:
ii  libpam-gnome-keyring [libpam- 2.28.1-2   PAM module to unlock the GNOME key
ii  notification-daemon           0.4.0-2    a daemon that displays passive pop

Versions of packages network-manager-gnome suggests:
ii  network-manager-openvpn-gnome 0.7.2-1    network management framework (Open
ii  network-manager-pptp-gnome    0.7.2-1    network management framework (PPTP
ii  network-manager-vpnc-gnome    0.7.2-1    network management framework (VPNC

-- no debconf information

More information about the Secure-testing-team mailing list