82 matches found
Ubuntu Update for aptdaemon USN-1666-1
Ubuntu Update for Linux kernel vulnerabilities USN-1666-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16661.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for aptdaemon USN-1666-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net Th...
aptdaemon key validation vulnerability
PPA GPG key is validated incorrectly...
Ubuntu 11.10 / 12.04 LTS : aptdaemon vulnerability (USN-1666-1)
It was discovered that Aptdaemon incorrectly validated PPA GPG keys when importing from a keyserver. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to install altered package repository GPG keys. Note that Tenable Network Security has extracted...
Ubuntu: Security Advisory (USN-1666-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-1666-1: Aptdaemon vulnerability
It was discovered that Aptdaemon incorrectly validated PPA GPG keys when importing from a keyserver. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to install altered package repository GPG keys...
CVE-2012-0962
Aptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS uses short IDs when importing PPA GPG keys from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle MITM attack...
CVE-2012-0944
Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does not authenticate packages when the transaction is not simulated, which allows remote attackers to install arbitrary packages via a man-in-the-middle attack...
Code injection
Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does not authenticate packages when the transaction is not simulated, which allows remote attackers to install arbitrary packages via a man-in-the-middle attack...
CVE-2012-0944
Apt daemon (Aptdaemon) versions 0.43 and earlier on Ubuntu 11.04, 11.10, and 12.04 LTS do not authenticate packages when a transaction is not simulated, enabling a remote attacker to install arbitrary packages via a man-in-the-middle attack. The vulnerability is caused by insufficient authenticat...
CVE-2012-0944
Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does not authenticate packages when the transaction is not simulated, which allows remote attackers to install arbitrary packages via a man-in-the-middle attack...
Ubuntu Update for aptdaemon USN-1414-1
Ubuntu Update for Linux kernel vulnerabilities USN-1414-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN14141.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for aptdaemon USN-1414-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net Th...
Ubuntu: Security Advisory (USN-1414-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 11.04 / 11.10 : aptdaemon vulnerability (USN-1414-1)
It was discovered that Aptdaemon incorrectly handled installing packages without performing a transaction simulation. An attacker could possibly use this flaw to install altered packages. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu...
USN-1414-1: Aptdaemon vulnerability
It was discovered that Aptdaemon incorrectly handled installing packages without performing a transaction simulation. An attacker could possibly use this flaw to install altered packages...
CVE-2012-0944
Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does not authenticate packages when the transaction is not simulated, which allows remote attackers to install arbitrary packages via a man-in-the-middle attack...
Ubuntu Update for aptdaemon vulnerability USN-1068-1
Ubuntu Update for Linux kernel vulnerabilities USN-1068-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10681.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for aptdaemon vulnerability USN-1068-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...
CVE-2011-0725
Absolute path traversal vulnerability in the org.debian.apt.UpdateCachePartially method in worker.py in Aptdaemon 0.40 in Ubuntu 10.10 and 11.04 allows local users to read arbitrary files via a full pathname in the sourceslist argument, related to the D-Bus interface...
Path traversal
Absolute path traversal vulnerability in the org.debian.apt.UpdateCachePartially method in worker.py in Aptdaemon 0.40 in Ubuntu 10.10 and 11.04 allows local users to read arbitrary files via a full pathname in the sourceslist argument, related to the D-Bus interface...
CVE-2011-0725
The CVE-2011-0725 entry concerns Aptdaemon 0.40 on Ubuntu 10.10/11.04. Affected component: org.debian.apt.UpdateCachePartially (worker.py). Root cause: improper filtering of certain D‑Bus arguments via the Aptdaemon interface, enabling an absolute path traversal. Impact: local users can read arbi...
CVE-2011-0725
Absolute path traversal vulnerability in the org.debian.apt.UpdateCachePartially method in worker.py in Aptdaemon 0.40 in Ubuntu 10.10 and 11.04 allows local users to read arbitrary files via a full pathname in the sourceslist argument, related to the D-Bus interface...