Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: wicd Privilege Escalation 0day exploit for Backtrack 5 R2 SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
wicd Privilege Escalation 0day exploit for Backtrack 5 R2

A vulnerability was found in the current Backtrack 5 R2 version of the "Wicd" ( Wireless Interface Connection Daemon) software, where several design flaws have been found culminating in privilege escalation exploit. [1]

To address this vulnerability, Wicd 1.7.2 was released to patch this vulnerability (CVE-2012-2095) as well as several other fixes have been included in this update. The list of fixes is available here and the latest tarball can be downloaded here.

[1] http://www.infosecinstitute.com/courses/ethical_hacking_training.html
[2] https://launchpad.net/wicd/+announcement/9888
[3] https://bugs.launchpad.net/wicd/+bug/979221
[4] https://launchpad.net/wicd/1.7/1.7.2/+download/wicd-1.7.2.tar.gz

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

 Guy

453 Posts
ISC Handler
Subscribe Apr 12th 2012
7 years ago
Perspective and clarity on the issue:
http://www.backtrack-linux.org/forums/showthread.php?t=49411
 ovid

1 Posts
Quote Apr 12th 2012
7 years ago
Should probably set the threat level Yellow.
 ovid
1 Posts
Quote Apr 12th 2012
7 years ago

Sign Up for Free or Log In to start participating in the conversation!