*** This bug is a security vulnerability ***

Public security bug reported:

In Quantal, as a guest user you can create a network connection with an
arbitrary MAC address - I take that as a security hole (being able to
break another machine on the network).

(actually in this case the guest user you get to register a remote
desktop account, you can get a terminal in it - that might be another
security issue)

Go to the network manager icon and edit connections
  Wired network
   Add connection
       Choose the eth0/default device mac address
        Type in a MAC address of your own evil making in the 'cloned mac address' box
         Untick 'available to all users'

and Save

Now, you have a new connection, but it's not up

Open a terminal and use

  nmcli con

to list the network connections, and note the UUID of your new one.
Now do

  nmcli con up uuid .....    where ..... is the UUID you just got.

You're now spoofing someone else's MAC address.

ProblemType: Bug
DistroRelease: Ubuntu 12.10
Package: network-manager 0.9.6.0-0ubuntu7
ProcVersionSignature: Ubuntu 3.5.0-15.22-generic 3.5.4
Uname: Linux 3.5.0-15-generic x86_64
ApportVersion: 2.5.2-0ubuntu4
Architecture: amd64
CRDA: Error: command ['iw', 'reg', 'get'] failed with exit code 1: nl80211 not found.
Date: Sun Sep 23 16:41:47 2012
IfupdownConfig:
 auto lo
 iface lo inet loopback
InstallationMedia: Ubuntu 12.10 "Quantal Quetzal" - Alpha amd64+mac (20120905.2)
IpRoute:
 default via 192.168.122.1 dev eth0  proto static 
 169.254.0.0/16 dev eth0  scope link  metric 1000 
 192.168.122.0/24 dev eth0  proto kernel  scope link  src 192.168.122.34  metric 1
IwConfig:
 eth0      no wireless extensions.
 
 lo        no wireless extensions.
NetworkManager.state:
 [main]
 NetworkingEnabled=true
 WirelessEnabled=true
 WWANEnabled=true
 WimaxEnabled=true
ProcEnviron:
 LANGUAGE=en_GB:en
 TERM=xterm
 PATH=(custom, no user)
 LANG=en_GB.UTF-8
 SHELL=/bin/bash
RfKill:
 
SourcePackage: network-manager
UpgradeStatus: No upgrade log present (probably fresh install)
nmcli-con:
 NAME                      UUID                                   TYPE              TIMESTAMP    TIMESTAMP-REAL                     AUTOCONNECT   READONLY   DBUS-PATH
 Wired connection 1        90a0ede6-43a8-4ad1-a26c-b17a52146725   802-3-ethernet    1348414780   Sun 23 Sep 2012 16:39:40 BST       yes           no         /org/freedesktop/NetworkManager/Settings/0
nmcli-dev:
 DEVICE     TYPE              STATE         DBUS-PATH
 eth0       802-3-ethernet    connected     /org/freedesktop/NetworkManager/Devices/0
nmcli-nm:
 RUNNING         VERSION    STATE           NET-ENABLED   WIFI-HARDWARE   WIFI       WWAN-HARDWARE   WWAN
 running         0.9.6.0    connected       enabled       enabled         enabled    enabled         disabled

** Affects: network-manager (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug quantal running-unity

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1055068

Title:
  Guest user can use arbitrary MAC addresses

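For administrators who want to check a machine for profiles like the one created in the report above, the following audit sketch is an added example; it is not part of the bug report or of NetworkManager. It assumes profiles are stored by the keyfile plugin under /etc/NetworkManager/system-connections, that guest-session accounts are named with a `guest-` prefix, and it uses a constructed sample profile.

```python
import configparser
from pathlib import Path

# Link-layer sections: "802-3-ethernet"/"802-11-wireless" in 0.9.x keyfiles,
# "ethernet"/"wifi" in later NetworkManager releases.
LINK_SECTIONS = ("802-3-ethernet", "ethernet", "802-11-wireless", "wifi")

# Constructed sample: a profile restricted to one (hypothetical) guest account.
SAMPLE = """[connection]
id=Wired connection 2
uuid=00000000-0000-4000-8000-000000000001
type=802-3-ethernet
permissions=user:guest-a1b2c3:;

[802-3-ethernet]
mac-address=52:54:00:12:34:56
cloned-mac-address=02:00:00:aa:bb:cc
"""

def audit_keyfile(text, name="<inline>"):
    """Return a finding dict if the profile sets cloned-mac-address, else None."""
    cp = configparser.ConfigParser(delimiters=("=",), interpolation=None, strict=False)
    cp.read_string(text)
    cloned = next((cp[s]["cloned-mac-address"] for s in LINK_SECTIONS
                   if cp.has_option(s, "cloned-mac-address")), None)
    if not cloned:
        return None
    # permissions is a ';'-separated list of "user:NAME:" entries;
    # an empty list means the profile is available to all users.
    perms = cp.get("connection", "permissions", fallback="")
    owners = [e.split(":")[1] for e in perms.split(";") if e.startswith("user:")]
    return {"file": name,
            "id": cp.get("connection", "id", fallback="?"),
            "uuid": cp.get("connection", "uuid", fallback="?"),
            "cloned_mac": cloned.upper(),
            "owners": owners,
            "guest_owned": any(o.startswith("guest-") for o in owners)}

def audit_dir(path="/etc/NetworkManager/system-connections"):
    """Audit every keyfile in path (files are root-readable only)."""
    findings = []
    for f in sorted(Path(path).iterdir()):
        try:
            hit = audit_keyfile(f.read_text(errors="replace"), str(f))
        except (OSError, configparser.Error):
            continue  # unreadable or not a keyfile
        if hit:
            findings.append(hit)
    return findings

if __name__ == "__main__":
    print(audit_keyfile(SAMPLE))
```

Run `audit_dir()` as root; any finding with `guest_owned` set is a profile of the kind the report describes.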