Lucene search
K

5 matches found

CNVD
CNVD
added 2015/07/02 12:0 a.m.2 views

Unattended-upgrades File Checksum Bypass Remote Arbitrary Code Execution Vulnerability

unattended-upgrades is an automatic update program. The unattended-upgrades system fails to properly verify downloaded files if the 'force-confold' or 'force-confnew' dpkg option is enabled via the DPkg::Options:: apt configuration, allowing an attacker to modify the package file and execute...

6.8CVSS7.8AI score0.01435EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/06/30 12:0 a.m.23 views

Debian DSA-3297-1 : unattended-upgrades - security update

It was discovered that unattended-upgrades, a script for automatic installation of security upgrades, did not properly authenticate downloaded packages when the force-confold or force-confnew dpkg options were enabled via the DPkg::Options:: apt configuration. %NASLMINLEVEL 70300 C Tenable Networ...

6.8CVSS5.3AI score0.01435EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2015/06/29 5:0 p.m.25 views

CVE-2015-1330

unattended-upgrades before 0.86.1 does not properly authenticate packages when the 1 force-confold or 2 force-confnew dpkg options are enabled in the DPkg::Options:: apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors...

6.8CVSS6.1AI score0.01435EPSS
Exploits0References2
OSV
OSV
added 2015/06/29 5:0 p.m.3 views

UBUNTU-CVE-2015-1330

unattended-upgrades before 0.86.1 does not properly authenticate packages when the 1 force-confold or 2 force-confnew dpkg options are enabled in the DPkg::Options:: apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors...

6.8CVSS6AI score0.01435EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2015/06/28 12:0 a.m.19 views

Debian: Security Advisory (DSA-3297-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.5AI score0.01435EPSS
Exploits0References3
Rows per page
Query Builder