USN-1483-1: NetworkManager vulnerability

27 June 2012

network-manager vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 11.10
  • Ubuntu 11.04
  • Ubuntu 10.04 LTS

Summary

NetworkManager could create insecure AdHoc wireless networks.

Software Description

  • network-manager - Network connection manager

Details

It was discovered that certain wireless drivers incorrectly handled the creation of WPA-secured AdHoc connections. This could result in AdHoc wireless connections being created without any security at all. This update removes WPA as a security choice for AdHoc connections in NetworkManager.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 11.10
network-manager - 0.9.1.90-0ubuntu5.2
Ubuntu 11.04
network-manager - 0.8.4~git.20110319t175609.d14809b-0ubuntu3.1
Ubuntu 10.04 LTS
network-manager - 0.8-0ubuntu3.3

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

References