CVE-2012-0950

2012-06-19T20:55:00
ID CVE-2012-0950
Type cve
Reporter cve@mitre.org
Modified 2012-06-26T04:00:00

Description

The Apport hook (DistUpgradeApport.py) in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uploads the /var/log/dist-upgrade directory when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0949.