11 matches found
CVE-2015-1330 Unattended-Upgrades Vulnerability | Cloud Foundry
CVE-2015-1330 Unattended-Upgrades Vulnerability Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 LTS Description It was found that for some configurations, unattended-upgrades would not properly perform authentication checks on packages prior to installation. An attacker...
[SECURITY] [DSA 3297-1] unattended-upgrades security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3297-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini June 29, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DLA 265-1] unattended-upgrades security update
Package : unattended-upgrades Version : 0.62.2+squeeze1 CVE ID : CVE-2015-1330 Bug : LP: 1466380 It was discovered that unattended-upgrades, a script for automatic installation of security upgrades, did not properly authenticate downloaded packages when the force-confold or force-confnew dpkg...
CVE-2015-1330
unattended-upgrades before 0.86.1 does not properly authenticate packages when the 1 force-confold or 2 force-confnew dpkg options are enabled in the DPkg::Options:: apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors...
CVE-2015-1330
unattended-upgrades before 0.86.1 does not properly authenticate packages when the 1 force-confold or 2 force-confnew dpkg options are enabled in the DPkg::Options:: apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors...
CVE-2015-1330
unattended-upgrades before 0.86.1 does not properly authenticate packages when the 1 force-confold or 2 force-confnew dpkg options are enabled in the DPkg::Options:: apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors...
CVE-2015-1330
CVE-2015-1330 affects unattended-upgrades prior to 0.86.1, where authentication of downloaded packages can be bypassed when DPkg::Options contains force-confold or force-confnew. This enables a remote MITM attacker to upload and install altered packages via unspecified vectors. Root cause: inadeq...
CVE-2015-1330
unattended-upgrades before 0.86.1 does not properly authenticate packages when the 1 force-confold or 2 force-confnew dpkg options are enabled in the DPkg::Options:: apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors...
Debian DSA-3297-1 : unattended-upgrades - security update
It was discovered that unattended-upgrades, a script for automatic installation of security upgrades, did not properly authenticate downloaded packages when the force-confold or force-confnew dpkg options were enabled via the DPkg::Options:: apt configuration. %NASLMINLEVEL 70300 C Tenable Networ...
[SECURITY] [DSA 3297-1] unattended-upgrades security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3297-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini June 29, 2015 https://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-3297-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...