CVE-2012-0813 - Abstractive Bandage

Description

Wicd before 1.7.1 saves sensitive information in log files in /var/log/wicd which allows context-dependent attackers to obtain passwords and other sensitive information.

Reference

http://security.gentoo.org/glsa/glsa-201206-08.xml http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652417 https://launchpad.net/wicd/+announcement/9570 http://bazaar.launchpad.net/~wicd-devel/wicd/experimental/revision/682 http://secunia.com/advisories/49657 http://www.securityfocus.com/bid/51703 http://www.openwall.com/lists/oss-security/2012/01/26/13 http://www.openwall.com/lists/oss-security/2012/01/26/14