USN-1483-1: NetworkManager vulnerability

Ubuntu Security Notice USN-1483-1

27th June, 2012

network-manager vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 11.10
  • Ubuntu 11.04
  • Ubuntu 10.04 LTS

Summary

NetworkManager could create insecure AdHoc wireless networks.

Software description

  • network-manager - Network connection manager

Details

It was discovered that certain wireless drivers incorrectly handled the
creation of WPA-secured AdHoc connections. This could result in AdHoc
wireless connections being created without any security at all. This update
removes WPA as a security choice for AdHoc connections in NetworkManager.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 11.10:
network-manager 0.9.1.90-0ubuntu5.2
Ubuntu 11.04:
network-manager 0.8.4~git.20110319t175609.d14809b-0ubuntu3.1
Ubuntu 10.04 LTS:
network-manager 0.8-0ubuntu3.3

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2012-2736