Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: InfoSec Handlers Diary Blog - SANS Internet Storm Center InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

wicd Privilege Escalation 0day Exploit

Published: 2012-04-12
Last Updated: 2012-04-12 11:24:57 UTC
by Guy Bruneau (Version: 2)
2 comment(s)

A vulnerability was found in the current Backtrack 5 R2 version of the "Wicd" ( Wireless Interface Connection Daemon) software, where several design flaws have been found culminating in privilege escalation exploit. [1]

To address this vulnerability, Wicd 1.7.2 was released to patch this vulnerability (CVE-2012-2095) as well as several other fixes have been included in this update. The list of fixes is available here and the latest tarball can be downloaded here.

Update 1: The privilege Escalation 0day exploit only affects the Wicd software and is not a Backtrack 5 R2 vulnerability.



Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

Keywords: Backtrack 5 R2 wicd
2 comment(s)
Diary Archives