Wicd 'SetWirelessProperty()' Local Privilege Escalation Vulnerability

Bugtraq ID:	52987
Class:	Input Validation Error
CVE:	CVE-2012-2095
Remote:	No
Local:	Yes
Published:	Apr 11 2012 12:00AM
Updated:	Apr 13 2015 10:07PM
Credit:	Anonymous
Vulnerable:	Wicd Wicd 1.5.9 Wicd Wicd 1.5.8 Wicd Wicd 1.7.1~b3-4 Wicd Wicd 1.7.1~b3-3 Gentoo Linux Debian Linux 5.0 Debian Linux 4.0 Backtrack-Linux Backtrack Linux 0
Not Vulnerable:

Wicd 'SetWirelessProperty()' Local Privilege Escalation Vulnerability

Wicd is prone to a local privilege-escalation vulnerability because of an input-validation error in the 'SetWirelessProperty()' function.

Local attackers with access to the Wicd's DBUS interface, can exploit this issue to execute arbitrary code with superuser privileges.

Successful exploits will result in the complete compromise of the affected computer.

Wicd 'SetWirelessProperty()' Local Privilege Escalation Vulnerability

Attackers can use standard tools to exploit this issue.

The following exploit code is available:

• /data/vulnerabilities/exploits/52987.py

Wicd 'SetWirelessProperty()' Local Privilege Escalation Vulnerability

Solution:
Updates are available. Please see the references for more information.

Wicd 'SetWirelessProperty()' Local Privilege Escalation Vulnerability

References:

• Debian Bug report logs - #668397 wicd: Local privilege escalation (Debian)
  
• Wicd Homepage (Wicd)
  
• wicd Privilege Escalation 0Day (INFOSEC Institute)