Lucene search
K

10 matches found

Mageia
Mageia
added 2014/11/12 9:56 a.m.30 views

Updated apt packages fix security vulnerability

The Google Security Team discovered a buffer overflow vulnerability in the HTTP transport code in apt-get. An attacker able to man-in-the-middle a HTTP request to an apt repository can trigger the buffer overflow, leading to a crash of the "http" apt method binary, or potentially to arbitrary cod...

6.8CVSS9.7AI score0.02437EPSS
Exploits0References2
Debian
Debian
added 2014/10/14 9:47 a.m.33 views

[SECURITY] [DLA 58-2] apt regression fix

Package : apt Version : 0.8.10.3+squeeze6 CVE ID : CVE-2014-6273 This update fixes a regression introduced in 0.8.10.3+squeeze5 where apt would send invalid HTTP requests when sending If-Range queries. Thanks to Steven McDonald who reported1 the regression and to Michael Vogt for having uploaded ...

6.8CVSS7.3AI score0.02437EPSS
Exploits0
OSV
OSV
added 2014/09/30 2:55 p.m.6 views

CVE-2014-6273

Buffer overflow in the HTTP transport code in apt-get in APT 1.0.1 and earlier allows man-in-the-middle attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted URL...

7.6AI score
Exploits0References7
Cvelist
Cvelist
added 2014/09/30 2:0 p.m.34 views

CVE-2014-6273

Buffer overflow in the HTTP transport code in apt-get in APT 1.0.1 and earlier allows man-in-the-middle attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted URL...

7.5AI score0.02437EPSS
Exploits0References6
CVE
CVE
added 2014/09/30 2:0 p.m.85 views

CVE-2014-6273

Summary: CVE-2014-6273 is a buffer overflow in the HTTP transport code of apt-get in APT 1.0.1 and earlier , enabling MITM-induced DoS or possible arbitrary code execution via a crafted URL. Multiple connected records confirm: Debian/DLA-58-2 provides a regression fix for apt; OSV entries documen...

6.8CVSS9.5AI score0.02437EPSS
Exploits0References6Affected Software1
securityvulns
securityvulns
added 2014/09/25 12:0 a.m.53 views

[USN-2353-1] APT vulnerability

========================================================================== Ubuntu Security Notice USN-2353-1 September 23, 2014 apt vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

6.8CVSS0.1AI score0.02437EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/09/24 12:0 a.m.36 views

Ubuntu 14.04 LTS : APT vulnerability (USN-2353-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2353-1 advisory. It was discovered that APT incorrectly handled certain http URLs. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be...

6.8CVSS8.6AI score0.02437EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2014/09/24 12:0 a.m.32 views

Ubuntu: Security Advisory (USN-2353-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS9.5AI score0.02437EPSS
Exploits0References2
Debian
Debian
added 2014/09/23 4:18 p.m.27 views

[SECURITY] [DSA 3031-1] apt security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3031-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso September 23, 2014 http://www.debian.org/security/faq -...

6.8CVSS9.7AI score0.02437EPSS
Exploits0
Ubuntu
Ubuntu
added 2014/09/23 4:12 p.m.45 views

USN-2353-1: APT vulnerability

It was discovered that APT incorrectly handled certain http URLs. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to cause APT to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for...

6.8CVSS8.5AI score0.02437EPSS
Exploits0
Rows per page
Query Builder