68 matches found
CVE-2011-4407
ppa.py in Software Properties before 0.81.13.3 does not validate the server certificate when downloading PPA GPG key fingerprints, which allows man-in-the-middle MITM attackers to spoof GPG keys for a package repository...
CVE-2011-4407
The CVE-2011-4407 issue affects ppa.py in Software Properties prior to version 0.81.13.3, which does not validate the server certificate when downloading PPA GPG key fingerprints. This MITM vulnerability could allow an attacker to spoof GPG keys for a package repository, potentially compromising ...
CVE-2011-4407
ppa.py in Software Properties before 0.81.13.3 does not validate the server certificate when downloading PPA GPG key fingerprints, which allows man-in-the-middle MITM attackers to spoof GPG keys for a package repository...
CVE-2013-1061
dbus/SoftwarePropertiesDBus.py in Software Properties 0.92.17 before 0.92.17.3, 0.92.9 before 0.92.9.3, and 0.82.7 before 0.82.7.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProce...
DEBIAN-CVE-2013-1061
dbus/SoftwarePropertiesDBus.py in Software Properties 0.92.17 before 0.92.17.3, 0.92.9 before 0.92.9.3, and 0.82.7 before 0.82.7.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProce...
Race condition
dbus/SoftwarePropertiesDBus.py in Software Properties 0.92.17 before 0.92.17.3, 0.92.9 before 0.92.9.3, and 0.82.7 before 0.82.7.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProce...
CVE-2013-1061
dbus/SoftwarePropertiesDBus.py in Software Properties 0.92.17 before 0.92.17.3, 0.92.9 before 0.92.9.3, and 0.82.7 before 0.82.7.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProce...
CVE-2013-1061
dbus/SoftwarePropertiesDBus.py in Software Properties 0.92.17 before 0.92.17.3, 0.92.9 before 0.92.9.3, and 0.82.7 before 0.82.7.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProce...
Ubuntu Update for software-properties USN-1960-1
Check for the Version of software-properties OpenVAS Vulnerability Test $Id: gbubuntuUSN19601.nasl 8494 2018-01-23 06:57:55Z teissa $ Ubuntu Update for software-properties USN-1960-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This...
Ubuntu: Security Advisory (USN-1960-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 12.04 LTS / 12.10 / 13.04 : software-properties vulnerability (USN-1960-1)
It was discovered that Software Properties was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory...
USN-1960-1: Software Properties vulnerability
It was discovered that Software Properties was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations...
CVE-2013-1061
dbus/SoftwarePropertiesDBus.py in Software Properties 0.92.17 before 0.92.17.3, 0.92.9 before 0.92.9.3, and 0.82.7 before 0.82.7.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProce...
CVE-2012-5356
The apt-add-repository tool in Ubuntu Software Properties 0.75.x before 0.75.10.3, 0.80.x before 0.80.9.2, 0.81.x before 0.81.13.5, 0.82.x before 0.82.7.3, and 0.92.x before 0.92.8 does not properly check PPA GPG keys imported from a keyserver, which allows remote attackers to install arbitrary...
CVE-2012-5356
The apt-add-repository tool in Ubuntu Software Properties 0.75.x before 0.75.10.3, 0.80.x before 0.80.9.2, 0.81.x before 0.81.13.5, 0.82.x before 0.82.7.3, and 0.92.x before 0.92.8 does not properly check PPA GPG keys imported from a keyserver, which allows remote attackers to install arbitrary...
Code injection
The apt-add-repository tool in Ubuntu Software Properties 0.75.x before 0.75.10.3, 0.80.x before 0.80.9.2, 0.81.x before 0.81.13.5, 0.82.x before 0.82.7.3, and 0.92.x before 0.92.8 does not properly check PPA GPG keys imported from a keyserver, which allows remote attackers to install arbitrary...
CVE-2012-5356
The CVE affects the apt-add-repository component of Ubuntu Software Properties. Versions prior to the listed fixes (0.75.x before 0.75.10.3, 0.80.x before 0.80.9.2, 0.81.x before 0.81.13.5, 0.82.x before 0.82.7.3, and 0.92.x before 0.92.8) fail to properly validate PPA GPG keys fetched from a key...
CVE-2012-5356
The apt-add-repository tool in Ubuntu Software Properties 0.75.x before 0.75.10.3, 0.80.x before 0.80.9.2, 0.81.x before 0.81.13.5, 0.82.x before 0.82.7.3, and 0.92.x before 0.92.8 does not properly check PPA GPG keys imported from a keyserver, which allows remote attackers to install arbitrary...
Ubuntu Update for software-properties USN-1588-1
Ubuntu Update for Linux kernel vulnerabilities USN-1588-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN15881.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for software-properties USN-1588-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH,...
Ubuntu: Security Advisory (USN-1588-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...