Lucene search

[email protected]NVD:CVE-2012-0962

HistoryDec 26, 2012 - 10:55 p.m.

CVE-2012-0962

2012-12-2622:55:02

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.5 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.6%

JSON

Aptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS uses short IDs when importing PPA GPG keys from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle (MITM) attack.

Affected configurations

NVD

Node

sebastian_heinleinaptdaemonMatch0.43

canonicalubuntu_linuxMatch11.10-lts

canonicalubuntu_linuxMatch12.04-lts

References

secunia.com/advisories/51627

www.securityfocus.com/bid/56959

www.securitytracker.com/id?1027891

www.ubuntu.com/usn/USN-1666-1

bugs.launchpad.net/software-center-agent/%2Bbug/1052789

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.5 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.6%

JSON

Related for NVD:CVE-2012-0962

ubuntu1 openvas2 cve1 securityvulns2 prion1 cvelist1 nessus1 ubuntucve1