Lucene search
HistoryJun 04, 2012 - 8:55 p.m.
CVE-2012-0944
aptdaemon
ubuntu
package authentication
man-in-the-middle attack
cve-2012-0944
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6.7 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
73.1%
Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does not authenticate packages when the transaction is not simulated, which allows remote attackers to install arbitrary packages via a man-in-the-middle attack.
Affected configurations
Node
sebastian_heinleinaptdaemonRange≤0.42
ORsebastian_heinleinaptdaemonMatch0.20
ORsebastian_heinleinaptdaemonMatch0.30
ORsebastian_heinleinaptdaemonMatch0.31
ORsebastian_heinleinaptdaemonMatch0.32
ORsebastian_heinleinaptdaemonMatch0.33
ORsebastian_heinleinaptdaemonMatch0.34
ORsebastian_heinleinaptdaemonMatch0.40
ORsebastian_heinleinaptdaemonMatch0.41
ORcanonicalubuntu_linuxMatch11.04
ORcanonicalubuntu_linuxMatch11.10
ORcanonicalubuntu_linuxMatch12.04lts
Related
openvas
openvas
Ubuntu: Security Advisory (USN-1414-1)
2012-04-05 00:00:00
Ubuntu Update for aptdaemon USN-1414-1
2012-04-05 00:00:00
ubuntucve
ubuntucve
CVE-2012-0944
2012-04-02 00:00:00
nvd
nvd
CVE-2012-0944
2012-06-04 20:55:02
prion
prion
Code injection
2012-06-04 20:55:00
nessus
nessus
Ubuntu 11.04 / 11.10 : aptdaemon vulnerability (USN-1414-1)
2012-04-03 00:00:00
cvelist
cvelist
CVE-2012-0944
2012-06-04 20:00:00
ubuntu
ubuntu
Aptdaemon vulnerability
2012-04-02 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6.7 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
73.1%
Related for CVE-2012-0944