Wicd before 1.7.1 saves sensitive information in log files in /var/log/wicd, which allows context-dependent attackers to obtain passwords and other sensitive information.
CVSS 2.0
Severity: LOW
Problem Type: CWE-255,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| david_paleino | wicd | 1.7.2 |
| david_paleino | wicd | 1.5.2 |
| david_paleino | wicd | 1.5.4 |
| david_paleino | wicd | 1.5.6 |
| david_paleino | wicd | 1.5.1 |
| david_paleino | wicd | 1.7.1 |
| david_paleino | wicd | * |
| david_paleino | wicd | 1.7.0 |
| david_paleino | wicd | 1.5.7 |
| david_paleino | wicd | 1.2.7 |
| david_paleino | wicd | 1.5.5 |
| david_paleino | wicd | 1.5.8 |
| david_paleino | wicd | 1.4.0 |
| david_paleino | wicd | 1.3.1 |
| david_paleino | wicd | 1.5.9 |
| david_paleino | wicd | 1.4.2 |
| david_paleino | wicd | 1.4.1 |
| david_paleino | wicd | 1.5.3 |
| david_paleino | wicd | 1.6.2 |
| david_paleino | wicd | 1.5.0 |
| david_paleino | wicd | 1.6.0 |