Lucene search
K

82 matches found

Tenable Nessus
Tenable Nessus
added 2020/12/09 12:0 a.m.27 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Aptdaemon vulnerabilities (USN-4664-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4664-1 advisory. Kevin Backhouse discovered that Aptdaemon incorrectly handled certain properties. A local attacker could use this issue to test f...

5.5CVSS5.2AI score0.00335EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2020/12/09 12:0 a.m.19 views

Ubuntu: Security Advisory (USN-4664-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS7.1AI score0.00335EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2020/12/08 3:58 p.m.58 views

USN-4664-1: Aptdaemon vulnerabilities

Kevin Backhouse discovered that Aptdaemon incorrectly handled certain properties. A local attacker could use this issue to test for the presence of local files. CVE-2020-16128 Kevin Backhouse discovered that Aptdaemon incorrectly handled permission checks. A local attacker could possibly use this...

5.5CVSS5.2AI score0.00335EPSS
Exploits0
OSV
OSV
added 2020/12/08 3:58 p.m.18 views

USN-4664-1 aptdaemon vulnerabilities

Kevin Backhouse discovered that Aptdaemon incorrectly handled certain properties. A local attacker could use this issue to test for the presence of local files. CVE-2020-16128 Kevin Backhouse discovered that Aptdaemon incorrectly handled permission checks. A local attacker could possibly use this...

5.5CVSS5.8AI score0.00335EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2020/12/08 12:0 a.m.22 views

CVE-2020-16128

The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...

3.8CVSS5.8AI score0.00335EPSS
Exploits0References2
CNNVD
CNNVD
added 2020/12/08 12:0 a.m.6 views

Aptdaemon Security Vulnerabilities

Aptdaemon is a code library for pypi for individual developers. The library functions allow package management tasks to be performed in a DBus-controlled background process. A security vulnerability exists in Aptdaemon, which can be exploited by an attacker to trigger a denial of service via a...

5.5CVSS6.1AI score0.00288EPSS
Exploits0References6
CNNVD
CNNVD
added 2020/12/08 12:0 a.m.8 views

Aptdaemon Security Vulnerabilities

Aptdaemon is a code library for pypi for individual developers. The library functions allow package management tasks to be performed in a DBus-controlled background process. Aptdaemon has a security vulnerability that can be exploited by an attacker to detect local files via Aptdaemon, bypass dat...

3.8CVSS5.8AI score0.00335EPSS
Exploits0References6
OSV
OSV
added 2020/12/08 12:0 a.m.1 views

UBUNTU-CVE-2020-16128

The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...

3.8CVSS5.8AI score0.00335EPSS
Exploits0References3
OSV
OSV
added 2020/12/08 12:0 a.m.1 views

UBUNTU-CVE-2020-27349

Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...

5.5CVSS5.8AI score0.00288EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2020/12/08 12:0 a.m.24 views

CVE-2020-27349

Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...

5.5CVSS6.1AI score0.00288EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/10/31 3:45 a.m.31 views

CVE-2020-15703 aptdaemon allows unprivileged users to test for the presence of local files via the transaction Locale property

There is no input validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, and no error otherwise. This way an...

4CVSS3.8AI score0.0048EPSS
Exploits1References2
0day.today
0day.today
added 2020/10/28 12:0 a.m.30 views

aptdaemon < 1.1.1 - File Existence Disclosure Exploit

Exploit Title: File Existence Disclosure in aptdaemon " sys.exit0 FILETOCHECK = sys.argv1 bus = dbus.SystemBus aptdbusobject = bus.getobject"org.debian.apt", "/org/debian/apt" aptdbusinterface = dbus.Interfaceaptdbusobject, "org.debian.apt" just use any valid .deb file trans = aptdbusi...

5.5CVSS5.4AI score0.004EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/10/28 12:0 a.m.345 views

aptdaemon File Existence Disclosure

Exploit Title: File Existence Disclosure in aptdaemon " sys.exit0 FILETOCHECK = sys.argv1 bus = dbus.SystemBus aptdbusobject = bus.getobject"org.debian.apt", "/org/debian/apt" aptdbusi...

4.9CVSS5.4AI score0.004EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/10/28 12:0 a.m.502 views

aptdaemon &lt; 1.1.1 - File Existence Disclosure

Exploit Title: File Existence Disclosure in aptdaemon " sys.exit0 FILETOCHECK = sys.argv1 bus = dbus.SystemBus aptdbusobject = bus.getobject"org.debian.apt", "/org/debian/apt" aptdbusinterface = dbus.Interfaceaptdbusobject, "or...

5.5CVSS5.4AI score0.004EPSS
Exploits3
OpenVAS
OpenVAS
added 2020/09/25 12:0 a.m.12 views

Ubuntu: Security Advisory (USN-4537-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4CVSS4.2AI score0.0048EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2020/09/24 12:52 p.m.57 views

USN-4537-1: Aptdaemon vulnerability

Vaisha Bernard discovered that Aptdaemon incorrectly handled the Locale property. A local attacker could use this issue to test for the presence of local files...

4CVSS4.9AI score0.0048EPSS
Exploits1
OSV
OSV
added 2020/09/24 12:52 p.m.8 views

USN-4537-1 aptdaemon vulnerability

Vaisha Bernard discovered that Aptdaemon incorrectly handled the Locale property. A local attacker could use this issue to test for the presence of local files...

4CVSS5.8AI score0.0048EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/09/24 12:0 a.m.18 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Aptdaemon vulnerability (USN-4537-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4537-1 advisory. Vaisha Bernard discovered that Aptdaemon incorrectly handled the Locale property. A local attacker could use this issue to test for the...

4CVSS5AI score0.0048EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2020/01/20 12:0 a.m.22 views

CVE-2019-15795

python-apt only checks the MD5 sums of downloaded files in Version.fetchbinary and Version.fetchsource of apt/package.py in version 1.9.0ubuntu1 and earlier. This allows a man-in-the-middle attack which could potentially be used to install altered packages and has been fixed in versions...

4.7CVSS5.8AI score0.0044EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2020/01/20 12:0 a.m.27 views

CVE-2019-15796

Python-apt doesn't check if hashes are signed in Version.fetchbinary and Version.fetchsource of apt/package.py or in fetcharchives of apt/cache.py in version 1.9.3ubuntu2 and earlier. This allows downloads from unsigned repositories which shouldn't be allowed and has been fixed in verisions 1.9.5...

4.7CVSS5.7AI score0.00496EPSS
Exploits0References3
Rows per page
Query Builder