Mandriva Linux Security Advisory 2011-171 - GNOME NetworkManager before version 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vectors. Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when PolicyKit is configured to allow users to create new connections, allows local users to execute arbitrary commands via a newline character in the name for a new network connection, which is not properly handled when writing to the ifcfg file.
b0497990b7cd3f0be96a104f99d44c5413f36998cce68cf0d2fd1763c43b2bbc
Red Hat Security Advisory 2011-0930-01 - NetworkManager is a network link manager that attempts to keep a wired or wireless network connection active at all times. It was found that NetworkManager did not properly enforce PolicyKit settings controlling the permissions to configure wireless network sharing. A local, unprivileged user could use this flaw to bypass intended PolicyKit restrictions, allowing them to enable wireless network sharing. Users of NetworkManager should upgrade to these updated packages, which contain a backported patch to correct this issue. Running instances of NetworkManager must be restarted for this update to take effect. Various other issues were also addressed.
b7ab38f7999b982feca87c5853853695ba8e9668b475ada75d85fd8504c2f8f5