11 matches found
Debian: Security Advisory (DLA-53-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-53-1 : apt security update
It was discovered that APT, the high level package manager, does not properly invalidate unauthenticated data CVE-2014-0488, performs incorrect verification of 304 replies CVE-2014-0487 and does not perform the checksum check when the Acquire::GzipIndexes option is used CVE-2014-0489. NOTE: Tenab...
CVE-2014-0488
APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data...
CVE-2014-0488
CVE-2014-0488 concerns APT before 1.0.9, where the package manager does not properly invalidate repository data when transitioning from unauthenticated to authenticated state. This can allow a remote attacker to influence repository data with unspecified impact. The connected advisories consisten...
Debian DSA-3025-1 : apt - security update
It was discovered that APT, the high level package manager, does not properly invalidate unauthenticated data CVE-2014-0488 , performs incorrect verification of 304 replies CVE-2014-0487 , does not perform the checksum check when the Acquire::GzipIndexes option is used CVE-2014-0489 and does not...
Ubuntu: Security Advisory (USN-2348-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 53-1] apt security update
Package : apt Version : 0.8.10.3+squeeze3 CVE ID : CVE-2014-0487 CVE-2014-0488 CVE-2014-0489 It was discovered that APT, the high level package manager, does not properly invalidate unauthenticated data CVE-2014-0488, performs incorrect verification of 304 replies CVE-2014-0487 and does not perfo...
[SECURITY] [DSA 3025-1] apt security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3025-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso September 16, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3025-1] apt security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3025-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso September 16, 2014 http://www.debian.org/security/faq -...
USN-2348-1: APT vulnerabilities
It was discovered that APT did not re-verify downloaded files when the If-Modified-Since wasn't met. CVE-2014-0487 It was discovered that APT did not invalidate repository data when it switched from an unauthenticated to an authenticated state. CVE-2014-0488 It was discovered that the APT...
UBUNTU-CVE-2014-0488
APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data...