Debian: Security Advisory (DLA-0005-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

apt security update

Package : apt Version : 0.8.10.3+squeeze2 CVE ID : CVE-2011-3634 CVE-2014-0478 Debian Bug : 749795 Jakub Wilk discovered that APT, the high level package manager, did not properly perform authentication checks for source packages downloaded via "apt-get source". This only affects use cases where...

CVE-2011-3634

methods/https.cc in apt before 0.8.11 accepts connections when the certificate host name fails validation and Verify-Host is enabled, which allows man-in-the-middle attackers to obtain repository credentials via unspecified vectors...

CVE-2011-3634

methods/https.cc in apt before 0.8.11 accepts connections when the certificate host name fails validation and Verify-Host is enabled, which allows man-in-the-middle attackers to obtain repository credentials via unspecified vectors...

CVE-2011-3634

methods/https.cc in apt before 0.8.11 accepts connections when the certificate host name fails validation and Verify-Host is enabled, which allows man-in-the-middle attackers to obtain repository credentials via unspecified vectors...

CVE-2011-3634

CVE-2011-3634 affects apt before 0.8.11, where methods/https.cc accepts HTTPS connections even when certificate hostname validation fails if Verify-Host is enabled. This misbehavior can allow a MITM to obtain repository credentials for HTTPS sources. The published descriptions (NVD and OSV family...

Ubuntu: Security Advisory (USN-1283-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : apt vulnerability (USN-1283-1)

It was discovered that APT incorrectly handled the Verify-Host configuration option. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to steal repository credentials. This issue only affected Ubuntu 10.04 LTS and 10.10. CVE-2011-3634...

USN-1283-1: APT vulnerability

It was discovered that APT incorrectly handled the Verify-Host configuration option. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could potentially be used to steal repository credentials. This issue only affected Ubuntu 10.04 LTS and 10.10. CVE-2011-3634...