Lucene search
K

11 matches found

Cloud Foundry
Cloud Foundry
added 2015/07/06 12:0 a.m.37 views

CVE-2015-1330 Unattended-Upgrades Vulnerability | Cloud Foundry

CVE-2015-1330 Unattended-Upgrades Vulnerability Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 LTS Description It was found that for some configurations, unattended-upgrades would not properly perform authentication checks on packages prior to installation. An attacker...

6.8CVSS6.2AI score0.01435EPSS
Exploits0
securityvulns
securityvulns
added 2015/07/05 12:0 a.m.49 views

[SECURITY] [DSA 3297-1] unattended-upgrades security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3297-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini June 29, 2015 https://www.debian.org/security/faq -...

6.8CVSS1.9AI score0.01435EPSS
Exploits0
Debian
Debian
added 2015/07/02 9:17 a.m.24 views

[SECURITY] [DLA 265-1] unattended-upgrades security update

Package : unattended-upgrades Version : 0.62.2+squeeze1 CVE ID : CVE-2015-1330 Bug : LP: 1466380 It was discovered that unattended-upgrades, a script for automatic installation of security upgrades, did not properly authenticate downloaded packages when the force-confold or force-confnew dpkg...

6.8CVSS5.8AI score0.01435EPSS
Exploits0
NVD
NVD
added 2015/07/01 2:59 p.m.17 views

CVE-2015-1330

unattended-upgrades before 0.86.1 does not properly authenticate packages when the 1 force-confold or 2 force-confnew dpkg options are enabled in the DPkg::Options:: apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors...

6.8CVSS7.1AI score0.01435EPSS
Exploits0References4
OSV
OSV
added 2015/07/01 2:59 p.m.6 views

CVE-2015-1330

unattended-upgrades before 0.86.1 does not properly authenticate packages when the 1 force-confold or 2 force-confnew dpkg options are enabled in the DPkg::Options:: apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors...

7AI score
Exploits0References4
Cvelist
Cvelist
added 2015/07/01 2:0 p.m.28 views

CVE-2015-1330

unattended-upgrades before 0.86.1 does not properly authenticate packages when the 1 force-confold or 2 force-confnew dpkg options are enabled in the DPkg::Options:: apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors...

6.9AI score0.01435EPSS
Exploits0References4
CVE
CVE
added 2015/07/01 2:0 p.m.82 views

CVE-2015-1330

CVE-2015-1330 affects unattended-upgrades prior to 0.86.1, where authentication of downloaded packages can be bypassed when DPkg::Options contains force-confold or force-confnew. This enables a remote MITM attacker to upload and install altered packages via unspecified vectors. Root cause: inadeq...

6.8CVSS7.1AI score0.01435EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2015/07/01 2:0 p.m.29 views

CVE-2015-1330

unattended-upgrades before 0.86.1 does not properly authenticate packages when the 1 force-confold or 2 force-confnew dpkg options are enabled in the DPkg::Options:: apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors...

6.8CVSS6.9AI score0.01435EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/06/30 12:0 a.m.23 views

Debian DSA-3297-1 : unattended-upgrades - security update

It was discovered that unattended-upgrades, a script for automatic installation of security upgrades, did not properly authenticate downloaded packages when the force-confold or force-confnew dpkg options were enabled via the DPkg::Options:: apt configuration. %NASLMINLEVEL 70300 C Tenable Networ...

6.8CVSS5.3AI score0.01435EPSS
Exploits0References4
Debian
Debian
added 2015/06/29 5:13 p.m.21 views

[SECURITY] [DSA 3297-1] unattended-upgrades security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3297-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini June 29, 2015 https://www.debian.org/security/faq -...

6.8CVSS5.8AI score0.01435EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/06/28 12:0 a.m.19 views

Debian: Security Advisory (DSA-3297-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.5AI score0.01435EPSS
Exploits0References3
Rows per page
Query Builder