82 matches found
CVE-2015-1323
The simulate dbus method in aptdaemon before 1.1.1+bzr982-0ubuntu3.1 as packaged in Ubuntu 15.04, before 1.1.1+bzr980-0ubuntu1.1 as packaged in Ubuntu 14.10, before 1.1.1-1ubuntu5.2 as packaged in Ubuntu 14.04 LTS, before 0.43+bzr805-0ubuntu10 as packaged in Ubuntu 12.04 LTS allows local users to...
CVE-2015-1323
CVE-2015-1323 affects aptdaemon's simulate dbus method, enabling a local attacker to obtain sensitive information or access files with root permissions. Ubuntu packages were affected across multiple releases (12.04 LTS through 15.04) prior to fixed versions (e.g., 1.1.1+bzr982-0ubuntu32.1 and rel...
CVE-2015-1323
The simulate dbus method in aptdaemon before 1.1.1+bzr982-0ubuntu3.1 as packaged in Ubuntu 15.04, before 1.1.1+bzr980-0ubuntu1.1 as packaged in Ubuntu 14.10, before 1.1.1-1ubuntu5.2 as packaged in Ubuntu 14.04 LTS, before 0.43+bzr805-0ubuntu10 as packaged in Ubuntu 12.04 LTS allows local users to...
[SECURITY] [DLA 261-2] aptdaemon regression update
Package : aptdaemon Version : 0.31+bzr413-1.1+deb6u2 Debian Bug : 791469 It was reported that version 0.31+bzr413-1.1+deb6u1 of aptdaemon which fixed CVE-2015-1323 was not installable if you have Python 2.5 installed. This has been fixed in version 0.31+bzr413-1.1+deb6u2. Raphaël Hertzog ◈ Debian...
DLA-261-2 aptdaemon - regression update
Bulletin has no description...
Debian DLA-261-2 : aptdaemon regression update
It was reported that version 0.31+bzr413-1.1+deb6u1 of aptdaemon which fixed CVE-2015-1323 was not installable if you have Python 2.5 installed. This has been fixed in version 0.31+bzr413-1.1+deb6u2. NOTE: Tenable Network Security has extracted the preceding description block directly from the DL...
[SECURITY] [DLA 261-1] aptdaemon security update
Package : aptdaemon Version : 0.31+bzr413-1.1+deb6u1 CVE ID : CVE-2015-1323 Debian Bug : 789162 Tavis Ormandy discovered that Aptdeamon incorrectly handled the simulate dbus method. A local attacker could use this issue to possibly expose sensitive information, or perform other file access as the...
DLA-261-1 aptdaemon - security update
Bulletin has no description...
Aptdaemon Local Security Bypass Vulnerability
Aptdaemon is a transaction-based package management service. Aptdaemon suffers from a security bypass vulnerability that could be exploited by a local attacker to bypass security restrictions and gain access to sensitive information in specific files...
Ubuntu 14.04 LTS : Aptdaemon vulnerability (USN-2648-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2648-1 advisory. Tavis Ormandy discovered that Aptdeamon incorrectly handled the simulate dbus method. A local attacker could use this issue to possibly expose sensitive...
Ubuntu: Security Advisory (USN-2648-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2648-1: Aptdaemon vulnerability
Tavis Ormandy discovered that Aptdeamon incorrectly handled the simulate dbus method. A local attacker could use this issue to possibly expose sensitive information, or perform other file access as the root user...
USN-2648-1 aptdaemon vulnerability
Tavis Ormandy discovered that Aptdeamon incorrectly handled the simulate dbus method. A local attacker could use this issue to possibly expose sensitive information, or perform other file access as the root user...
CVE-2015-1323
The simulate dbus method in aptdaemon before 1.1.1+bzr982-0ubuntu3.1 as packaged in Ubuntu 15.04, before 1.1.1+bzr980-0ubuntu1.1 as packaged in Ubuntu 14.10, before 1.1.1-1ubuntu5.2 as packaged in Ubuntu 14.04 LTS, before 0.43+bzr805-0ubuntu10 as packaged in Ubuntu 12.04 LTS allows local users to...
UBUNTU-CVE-2015-1323
The simulate dbus method in aptdaemon before 1.1.1+bzr982-0ubuntu3.1 as packaged in Ubuntu 15.04, before 1.1.1+bzr980-0ubuntu1.1 as packaged in Ubuntu 14.10, before 1.1.1-1ubuntu5.2 as packaged in Ubuntu 14.04 LTS, before 0.43+bzr805-0ubuntu10 as packaged in Ubuntu 12.04 LTS allows local users to...
CVE-2012-0962
Aptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS uses short IDs when importing PPA GPG keys from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle MITM attack...
Code injection
Aptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS uses short IDs when importing PPA GPG keys from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle MITM attack...
CVE-2012-0962
CVE-2012-0962 concerns Aptdaemon 0.43 on Ubuntu 11.10 and 12.04 LTS, where importing PPA GPG keys from a keyserver used short IDs, enabling a man‑in‑the‑middle attack to install arbitrary PPA keys. The Red Hat and NVD records repeat this description. Impact: attacker could influence which reposit...
CVE-2012-0962
Aptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS uses short IDs when importing PPA GPG keys from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle MITM attack...
[USN-1666-1] Aptdaemon vulnerability
========================================================================== Ubuntu Security Notice USN-1666-1 December 17, 2012 aptdaemon vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: ...