Lucene search

[email protected]CVE-2012-0961

HistoryDec 26, 2012 - 10:55 p.m.

CVE-2012-0961

2012-12-2622:55:00

CWE-200

[email protected]

web.nvd.nist.gov

cve-2012-0961

apt

ubuntu

log file

permissions

vulnerability

5.7 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

Apt 0.8.16~exp5ubuntu13.x before 0.8.16~exp5ubuntu13.6, 0.8.16~exp12ubuntu10.x before 0.8.16~exp12ubuntu10.7, and 0.9.7.5ubuntu5.x before 0.9.7.5ubuntu5.2, as used in Ubuntu, uses world-readable permissions for /var/log/apt/term.log, which allows local users to obtain sensitive shell information by reading the log file.

CPENameOperatorVersion
debian:aptdebian apteq0.9.7
debian:advanced_package_tooldebian advanced package tooleq0.8.16

CPE	Name	Operator	Version
debian:apt	debian apt	eq	0.9.7
debian:advanced_package_tool	debian advanced package tool	eq	0.8.16

References

osvdb.org/88380

secunia.com/advisories/51568

www.securityfocus.com/bid/56917

www.ubuntu.com/usn/USN-1662-1

5.7 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2012-0961

openvas2 ubuntucve1 securityvulns1 cvelist1 debiancve1 prion1 ubuntu1 nessus1