Lucene search
K

5 matches found

OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.19 views

Debian Security Advisory DSA 1394-1 (reprepro)

The remote host is missing an update to reprepro announced via advisory DSA 1394-1. OpenVAS Vulnerability Test $Id: deb13941.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1394-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

5CVSS6.6AI score0.01516EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.16 views

Debian: Security Advisory (DSA-1394-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.1AI score0.01516EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2007/10/25 12:0 a.m.27 views

Debian DSA-1394-1 : reprepro - authentication bypass

It was discovered that reprepro, a tool to create a repository of Debian packages, only checks the validity of known signatures when updating from a remote site, and thus does not reject packages with only unknown signatures. This allows an attacker to bypass this authentication mechanism. The...

5CVSS5.6AI score0.01516EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2007/09/06 7:17 p.m.26 views

CVE-2007-4739

reprepro 1.3.0 through 2.2.3 does not properly verify signatures when updating repositories, which allows remote attackers to construct and distribute an ostensibly valid Release.gpg file by signing it with an unknown key, related to the update command...

5CVSS5.9AI score0.01516EPSS
Exploits0References1
CVE
CVE
added 2007/09/06 7:0 p.m.61 views

CVE-2007-4739

CVE-2007-4739 affects reprepro versions 1.3.0 through 2.2.3, where repository updates do not adequately verify signatures: it only validates known signatures and may accept unsigned/unknown signatures, allowing remote attackers to craft a seemingly valid Release.gpg file. The issue enables an aut...

5CVSS6.4AI score0.01516EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder