5 matches found
Unattended-upgrades File Checksum Bypass Remote Arbitrary Code Execution Vulnerability
unattended-upgrades is an automatic update program. The unattended-upgrades system fails to properly verify downloaded files if the 'force-confold' or 'force-confnew' dpkg option is enabled via the DPkg::Options:: apt configuration, allowing an attacker to modify the package file and execute...
Debian DSA-3297-1 : unattended-upgrades - security update
It was discovered that unattended-upgrades, a script for automatic installation of security upgrades, did not properly authenticate downloaded packages when the force-confold or force-confnew dpkg options were enabled via the DPkg::Options:: apt configuration. %NASLMINLEVEL 70300 C Tenable Networ...
CVE-2015-1330
unattended-upgrades before 0.86.1 does not properly authenticate packages when the 1 force-confold or 2 force-confnew dpkg options are enabled in the DPkg::Options:: apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors...
UBUNTU-CVE-2015-1330
unattended-upgrades before 0.86.1 does not properly authenticate packages when the 1 force-confold or 2 force-confnew dpkg options are enabled in the DPkg::Options:: apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors...
Debian: Security Advisory (DSA-3297-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...