Lucene search
HistoryMay 14, 2014 - 12:55 a.m.
CVE-2011-4407
software properties
ppa.py
cve-2011-4407
mitm
vulnerability
nvd
6.2 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
31.5%
ppa.py in Software Properties before 0.81.13.3 does not validate the server certificate when downloading PPA GPG key fingerprints, which allows man-in-the-middle (MITM) attackers to spoof GPG keys for a package repository.
Related
securityvulns
securityvulns
[USN-1352-1] Software Properties vulnerability
2012-02-08 00:00:00
Ubuntu utilities security vulnerabilities
2012-02-08 00:00:00
ubuntucve
ubuntucve
CVE-2011-4407
2012-01-26 00:00:00
cvelist
cvelist
CVE-2011-4407
2014-05-14 00:00:00
ubuntu
ubuntu
Software Properties vulnerability
2012-01-31 00:00:00
debiancve
debiancve
CVE-2011-4407
2014-05-14 00:55:00
openvas
openvas
Ubuntu Update for software-properties USN-1352-1
2012-02-01 00:00:00
Ubuntu: Security Advisory (USN-1352-1)
2012-02-01 00:00:00
nessus
nessus
prion
prion
Code injection
2014-05-14 00:55:00
6.2 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
31.5%
Related for CVE-2011-4407