Lucene search
+L

83 matches found

ubuntucve
ubuntucve
added 2020/01/20 12:0 a.m.22 views

CVE-2019-15795

python-apt only checks the MD5 sums of downloaded files in Version.fetchbinary and Version.fetchsource of apt/package.py in version 1.9.0ubuntu1 and earlier. This allows a man-in-the-middle attack which could potentially be used to install altered packages and has been fixed in versions...

4.7CVSS5.8AI score0.0044EPSS
Exploits0References3
nvd
nvd
added 2017/07/21 2:29 p.m.18 views

CVE-2015-1323

The simulate dbus method in aptdaemon before 1.1.1+bzr982-0ubuntu3.1 as packaged in Ubuntu 15.04, before 1.1.1+bzr980-0ubuntu1.1 as packaged in Ubuntu 14.10, before 1.1.1-1ubuntu5.2 as packaged in Ubuntu 14.04 LTS, before 0.43+bzr805-0ubuntu10 as packaged in Ubuntu 12.04 LTS allows local users to...

5.5CVSS5.2AI score0.004EPSS
Exploits3References2
cvelist
cvelist
added 2017/07/21 2:0 p.m.22 views

CVE-2015-1323

The simulate dbus method in aptdaemon before 1.1.1+bzr982-0ubuntu3.1 as packaged in Ubuntu 15.04, before 1.1.1+bzr980-0ubuntu1.1 as packaged in Ubuntu 14.10, before 1.1.1-1ubuntu5.2 as packaged in Ubuntu 14.04 LTS, before 0.43+bzr805-0ubuntu10 as packaged in Ubuntu 12.04 LTS allows local users to...

5.1AI score0.004EPSS
Exploits3References2
cve
cve
added 2017/07/21 2:0 p.m.131 views

CVE-2015-1323

CVE-2015-1323 affects aptdaemon's simulate dbus method, enabling a local attacker to obtain sensitive information or access files with root permissions. Ubuntu packages were affected across multiple releases (12.04 LTS through 15.04) prior to fixed versions (e.g., 1.1.1+bzr982-0ubuntu32.1 and rel...

5.5CVSS5.1AI score0.004EPSS
Exploits3References2Affected Software1
debian
debian
added 2015/07/06 8:40 a.m.19 views

[SECURITY] [DLA 261-2] aptdaemon regression update

Package : aptdaemon Version : 0.31+bzr413-1.1+deb6u2 Debian Bug : 791469 It was reported that version 0.31+bzr413-1.1+deb6u1 of aptdaemon which fixed CVE-2015-1323 was not installable if you have Python 2.5 installed. This has been fixed in version 0.31+bzr413-1.1+deb6u2. Raphaël Hertzog ◈ Debian...

5.5CVSS6AI score0.004EPSS
Exploits3
osv
osv
added 2015/07/06 12:0 a.m.17 views

DLA-261-2 aptdaemon - regression update

Bulletin has no description...

5.7AI score
Exploits0
nessus
nessus
added 2015/07/01 12:0 a.m.21 views

Debian DLA-261-2 : aptdaemon regression update

It was reported that version 0.31+bzr413-1.1+deb6u1 of aptdaemon which fixed CVE-2015-1323 was not installable if you have Python 2.5 installed. This has been fixed in version 0.31+bzr413-1.1+deb6u2. NOTE: Tenable Network Security has extracted the preceding description block directly from the DL...

5.5CVSS5.5AI score0.004EPSS
Exploits3References3
debian
debian
added 2015/06/30 10:12 a.m.24 views

[SECURITY] [DLA 261-1] aptdaemon security update

Package : aptdaemon Version : 0.31+bzr413-1.1+deb6u1 CVE ID : CVE-2015-1323 Debian Bug : 789162 Tavis Ormandy discovered that Aptdeamon incorrectly handled the simulate dbus method. A local attacker could use this issue to possibly expose sensitive information, or perform other file access as the...

5.5CVSS6AI score0.004EPSS
Exploits3
osv
osv
added 2015/06/30 12:0 a.m.19 views

DLA-261-1 aptdaemon - security update

Bulletin has no description...

5.5CVSS5.3AI score0.004EPSS
Exploits3
cnvd
cnvd
added 2015/06/26 12:0 a.m.5 views

Aptdaemon Local Security Bypass Vulnerability

Aptdaemon is a transaction-based package management service. Aptdaemon suffers from a security bypass vulnerability that could be exploited by a local attacker to bypass security restrictions and gain access to sensitive information in specific files...

5.5CVSS6.4AI score0.004EPSS
Exploits3References1
openvas
openvas
added 2015/06/17 12:0 a.m.23 views

Ubuntu: Security Advisory (USN-2648-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.5AI score0.004EPSS
Exploits3References2
nessus
nessus
added 2015/06/17 12:0 a.m.31 views

Ubuntu 14.04 LTS : Aptdaemon vulnerability (USN-2648-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2648-1 advisory. Tavis Ormandy discovered that Aptdeamon incorrectly handled the simulate dbus method. A local attacker could use this issue to possibly expose sensitive...

5.5CVSS5.8AI score0.004EPSS
Exploits3References2
osv
osv
added 2015/06/16 5:6 p.m.4 views

USN-2648-1 aptdaemon vulnerability

Tavis Ormandy discovered that Aptdeamon incorrectly handled the simulate dbus method. A local attacker could use this issue to possibly expose sensitive information, or perform other file access as the root user...

5.5CVSS6AI score0.004EPSS
Exploits3References2
ubuntu
ubuntu
added 2015/06/16 5:6 p.m.58 views

USN-2648-1: Aptdaemon vulnerability

Tavis Ormandy discovered that Aptdeamon incorrectly handled the simulate dbus method. A local attacker could use this issue to possibly expose sensitive information, or perform other file access as the root user...

5.5CVSS5.7AI score0.004EPSS
Exploits3
osv
osv
added 2015/06/16 5:0 p.m.4 views

UBUNTU-CVE-2015-1323

The simulate dbus method in aptdaemon before 1.1.1+bzr982-0ubuntu3.1 as packaged in Ubuntu 15.04, before 1.1.1+bzr980-0ubuntu1.1 as packaged in Ubuntu 14.10, before 1.1.1-1ubuntu5.2 as packaged in Ubuntu 14.04 LTS, before 0.43+bzr805-0ubuntu10 as packaged in Ubuntu 12.04 LTS allows local users to...

5.5CVSS6AI score0.004EPSS
Exploits3References3
ubuntucve
ubuntucve
added 2015/06/16 5:0 p.m.19 views

CVE-2015-1323

The simulate dbus method in aptdaemon before 1.1.1+bzr982-0ubuntu3.1 as packaged in Ubuntu 15.04, before 1.1.1+bzr980-0ubuntu1.1 as packaged in Ubuntu 14.10, before 1.1.1-1ubuntu5.2 as packaged in Ubuntu 14.04 LTS, before 0.43+bzr805-0ubuntu10 as packaged in Ubuntu 12.04 LTS allows local users to...

5.5CVSS6.1AI score0.004EPSS
Exploits3References2
nvd
nvd
added 2012/12/26 10:55 p.m.30 views

CVE-2012-0962

Aptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS uses short IDs when importing PPA GPG keys from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle MITM attack...

4.3CVSS6.5AI score0.018EPSS
Exploits0References5
prion
prion
added 2012/12/26 10:55 p.m.23 views

Code injection

Aptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS uses short IDs when importing PPA GPG keys from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle MITM attack...

4.3CVSS7AI score0.018EPSS
Exploits0References5Affected Software2
cve
cve
added 2012/12/26 10:0 p.m.60 views

CVE-2012-0962

CVE-2012-0962 concerns Aptdaemon 0.43 on Ubuntu 11.10 and 12.04 LTS, where importing PPA GPG keys from a keyserver used short IDs, enabling a man‑in‑the‑middle attack to install arbitrary PPA keys. The Red Hat and NVD records repeat this description. Impact: attacker could influence which reposit...

4.3CVSS6.6AI score0.018EPSS
Exploits0References5Affected Software2
cvelist
cvelist
added 2012/12/26 10:0 p.m.37 views

CVE-2012-0962

Aptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS uses short IDs when importing PPA GPG keys from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle MITM attack...

6.5AI score0.018EPSS
Exploits0References5
Rows per page
Query Builder