A local privilege escalation flaw in wicd
(wireless interface connection daemon) was found
as part of an "ethical hacking" class using the Backtrack security-oriented Linux distribution. While Backtrack is singled out in the threatpost article
, the flaw really resides in wicd and is likely present in other distributions:
"The security flaw was discovered in a Backtrack component known as the Wireless Interface Connection Daemon (or WICD). The latest version of Backtrack does a poor job "sanitizing" (or filtering) inputs to the WICD DBUS (Desktop Bus) interface - a component that allows different applications to communicate with each other. That means that attackers can push invalid configuration options to DBUS, which are then written to a WICD wireless settings configuration file. The improper settings could include scripts or executables that would be run when certain events occur - such as the user connecting to a wireless network, according to the post, whose author asked to remain anonymous.
to post comments)