{"cve": [{"lastseen": "2017-09-22T10:42:07", "bulletinFamily": "NVD", "description": "unattended-upgrades before 0.86.1 does not properly authenticate packages when the (1) force-confold or (2) force-confnew dpkg options are enabled in the DPkg::Options::* apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors.", "modified": "2017-09-21T21:29:02", "published": "2015-07-01T10:59:04", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1330", "id": "CVE-2015-1330", "title": "CVE-2015-1330", "type": "cve", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cloudfoundry": [{"lastseen": "2018-09-07T03:25:36", "bulletinFamily": "software", "description": "CVE-2015-1330 Unattended-Upgrades Vulnerability\n\n# \n\nMedium\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * Canonical Ubuntu 14.04 LTS\n\n# Description\n\nIt was found that for some configurations, unattended-upgrades would not properly perform authentication checks on packages prior to installation. An attacker could thus trick unattended-upgrades into installing altered packages.\n\n# Affected Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * Any Cloud Foundry deployment with Ubuntu Trusty BOSH stemcells 3003 and prior.\n\n# Mitigation\n\nUsers of affected versions should apply the following mitigation:\n\n * BOSH stemcell 3004 contains the patched version of unattended-upgrades that resolves CVE-2015-1330. The Cloud Foundry team recommends upgrading to BOSH stemcell 3004 or higher to address this concern.\n\n# Credit\n\nCanonical Ubuntu\n\n# References\n\n * <http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1330.html>\n * <http://www.ubuntu.com/usn/usn-2657-1/>\n * <https://bosh.io/stemcells>\n * <https://github.com/cloudfoundry/cf-release>\n", "modified": "2015-07-06T00:00:00", "published": "2015-07-06T00:00:00", "id": "CFOUNDRY:F64A880F696DB3DA8BC133B954F02672", "href": "https://www.cloudfoundry.org/blog/cve-2015-1330/", "title": "CVE-2015-1330 Unattended-Upgrades Vulnerability | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-07-24T12:52:39", "bulletinFamily": "scanner", "description": "It was discovered that unattended-upgrades,\na script for automatic installation of security upgrades, did not properly authenticate\ndownloaded packages when the force-confold or force-confnew dpkg options\nwere enabled via the DPkg::Options::* apt configuration.", "modified": "2017-07-07T00:00:00", "published": "2015-06-29T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=703297", "id": "OPENVAS:703297", "title": "Debian Security Advisory DSA 3297-1 (unattended-upgrades - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3297.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3297-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703297);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2015-1330\");\n script_name(\"Debian Security Advisory DSA 3297-1 (unattended-upgrades - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-06-29 00:00:00 +0200 (Mon, 29 Jun 2015)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3297.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"unattended-upgrades on Debian Linux\");\n script_tag(name: \"insight\", value: \"This package can download and install security upgrades automatically\nand unattended, taking care to only install packages from the\nconfigured APT source, and checking for dpkg prompts about\nconfiguration file changes.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy),\nthis problem has been fixed in version 0.79.5+wheezy2.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 0.83.3.2+deb8u1.\n\nFor the unstable distribution (sid), this problem will be fixed shortly.\n\nWe recommend that you upgrade your unattended-upgrades packages.\");\n script_tag(name: \"summary\", value: \"It was discovered that unattended-upgrades,\na script for automatic installation of security upgrades, did not properly authenticate\ndownloaded packages when the force-confold or force-confnew dpkg options\nwere enabled via the DPkg::Options::* apt configuration.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"unattended-upgrades\", ver:\"0.79.5+wheezy2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:52:53", "bulletinFamily": "scanner", "description": "It was discovered that unattended-upgrades,\na script for automatic installation of security upgrades, did not properly authenticate\ndownloaded packages when the force-confold or force-confnew dpkg options\nwere enabled via the DPkg::Options::* apt configuration.", "modified": "2018-04-06T00:00:00", "published": "2015-06-29T00:00:00", "id": "OPENVAS:1361412562310703297", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703297", "title": "Debian Security Advisory DSA 3297-1 (unattended-upgrades - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3297.nasl 9355 2018-04-06 07:16:07Z cfischer $\n# Auto-generated from advisory DSA 3297-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703297\");\n script_version(\"$Revision: 9355 $\");\n script_cve_id(\"CVE-2015-1330\");\n script_name(\"Debian Security Advisory DSA 3297-1 (unattended-upgrades - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2018-04-06 09:16:07 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name: \"creation_date\", value: \"2015-06-29 00:00:00 +0200 (Mon, 29 Jun 2015)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3297.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"unattended-upgrades on Debian Linux\");\n script_tag(name: \"insight\", value: \"This package can download and install security upgrades automatically\nand unattended, taking care to only install packages from the\nconfigured APT source, and checking for dpkg prompts about\nconfiguration file changes.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy),\nthis problem has been fixed in version 0.79.5+wheezy2.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 0.83.3.2+deb8u1.\n\nFor the unstable distribution (sid), this problem will be fixed shortly.\n\nWe recommend that you upgrade your unattended-upgrades packages.\");\n script_tag(name: \"summary\", value: \"It was discovered that unattended-upgrades,\na script for automatic installation of security upgrades, did not properly authenticate\ndownloaded packages when the force-confold or force-confnew dpkg options\nwere enabled via the DPkg::Options::* apt configuration.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"unattended-upgrades\", ver:\"0.79.5+wheezy2\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-19T13:01:24", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2015-06-30T00:00:00", "id": "OPENVAS:1361412562310842263", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842263", "title": "Ubuntu Update for unattended-upgrades USN-2657-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for unattended-upgrades USN-2657-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842263\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-30 06:28:20 +0200 (Tue, 30 Jun 2015)\");\n script_cve_id(\"CVE-2015-1330\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for unattended-upgrades USN-2657-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'unattended-upgrades'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that unattended-upgrades\nincorrectly performed authentication checks in certain configurations. If a remote\nattacker were able to perform a man-in-the-middle attack, this flaw could potentially\nbe used to install altered packages.\");\n script_tag(name:\"affected\", value:\"unattended-upgrades on Ubuntu 14.10,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2657-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2657-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.10|14\\.04 LTS|12\\.04 LTS)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU14.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"unattended-upgrades\", ver:\"0.82.8ubuntu0.3\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"unattended-upgrades\", ver:\"0.82.1ubuntu2.3\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"unattended-upgrades\", ver:\"0.76ubuntu1.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2018-10-16T22:14:53", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3297-1 security@debian.org\nhttps://www.debian.org/security/ Alessandro Ghedini\nJune 29, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : unattended-upgrades\nCVE ID : CVE-2015-1330\n\nIt was discovered that unattended-upgrades, a script for automatic\ninstallation of security upgrades, did not properly authenticate\ndownloaded packages when the force-confold or force-confnew dpkg options\nwere enabled via the DPkg::Options::* apt configuration.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 0.79.5+wheezy2.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 0.83.3.2+deb8u1.\n\nFor the unstable distribution (sid), this problem will be fixed shortly.\n\nWe recommend that you upgrade your unattended-upgrades packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2015-06-29T17:14:11", "published": "2015-06-29T17:14:11", "id": "DEBIAN:DSA-3297-1:76DC9", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00193.html", "title": "[SECURITY] [DSA 3297-1] unattended-upgrades security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-16T22:14:31", "bulletinFamily": "unix", "description": "Package : unattended-upgrades\nVersion : 0.62.2+squeeze1\nCVE ID : CVE-2015-1330\nBug : LP: #1466380\n\nIt was discovered that unattended-upgrades, a script for automatic\ninstallation of security upgrades, did not properly authenticate\ndownloaded packages when the force-confold or force-confnew dpkg\noptions were enabled via the DPkg::Options::* apt configuration.\n\nWe recommend that you upgrade your unattended-upgrades package.\n", "modified": "2015-07-02T09:18:06", "published": "2015-07-02T09:18:06", "id": "DEBIAN:DLA-265-1:A57C9", "href": "https://lists.debian.org/debian-lts-announce/2015/debian-lts-announce-201507/msg00002.html", "title": "[SECURITY] [DLA 265-1] unattended-upgrades security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-01-16T20:21:49", "bulletinFamily": "scanner", "description": "It was discovered that unattended-upgrades, a script for automatic\ninstallation of security upgrades, did not properly authenticate\ndownloaded packages when the force-confold or force-confnew dpkg\noptions were enabled via the DPkg::Options::* apt configuration.", "modified": "2018-11-10T00:00:00", "published": "2015-06-30T00:00:00", "id": "DEBIAN_DSA-3297.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84449", "title": "Debian DSA-3297-1 : unattended-upgrades - security update", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3297. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84449);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/11/10 11:49:37\");\n\n script_cve_id(\"CVE-2015-1330\");\n script_xref(name:\"DSA\", value:\"3297\");\n\n script_name(english:\"Debian DSA-3297-1 : unattended-upgrades - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that unattended-upgrades, a script for automatic\ninstallation of security upgrades, did not properly authenticate\ndownloaded packages when the force-confold or force-confnew dpkg\noptions were enabled via the DPkg::Options::* apt configuration.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/unattended-upgrades\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/unattended-upgrades\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3297\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the unattended-upgrades packages.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 0.79.5+wheezy2.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 0.83.3.2+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:unattended-upgrades\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"unattended-upgrades\", reference:\"0.79.5+wheezy2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"unattended-upgrades\", reference:\"0.83.3.2+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:21:49", "bulletinFamily": "scanner", "description": "It was discovered that unattended-upgrades incorrectly performed\nauthentication checks in certain configurations. If a remote attacker\nwere able to perform a man-in-the-middle attack, this flaw could\npotentially be used to install altered packages.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2018-12-01T00:00:00", "published": "2015-06-29T00:00:00", "id": "UBUNTU_USN-2657-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84444", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 14.10 / 15.04 : unattended-upgrades vulnerability (USN-2657-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2657-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84444);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2018/12/01 15:12:39\");\n\n script_cve_id(\"CVE-2015-1330\");\n script_xref(name:\"USN\", value:\"2657-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 14.10 / 15.04 : unattended-upgrades vulnerability (USN-2657-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that unattended-upgrades incorrectly performed\nauthentication checks in certain configurations. If a remote attacker\nwere able to perform a man-in-the-middle attack, this flaw could\npotentially be used to install altered packages.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2657-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected unattended-upgrades package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:unattended-upgrades\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(12\\.04|14\\.04|14\\.10|15\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 14.10 / 15.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"unattended-upgrades\", pkgver:\"0.76ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"unattended-upgrades\", pkgver:\"0.82.1ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"unattended-upgrades\", pkgver:\"0.82.8ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"unattended-upgrades\", pkgver:\"0.83.6ubuntu1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"unattended-upgrades\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:08:52", "bulletinFamily": "unix", "description": "It was discovered that unattended-upgrades incorrectly performed authentication checks in certain configurations. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages.", "modified": "2015-06-29T00:00:00", "published": "2015-06-29T00:00:00", "id": "USN-2657-1", "href": "https://usn.ubuntu.com/2657-1/", "title": "unattended-upgrades vulnerability", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:11:00", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-3297-1 security@debian.org\r\nhttps://www.debian.org/security/ Alessandro Ghedini\r\nJune 29, 2015 https://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : unattended-upgrades\r\nCVE ID : CVE-2015-1330\r\n\r\nIt was discovered that unattended-upgrades, a script for automatic\r\ninstallation of security upgrades, did not properly authenticate\r\ndownloaded packages when the force-confold or force-confnew dpkg options\r\nwere enabled via the DPkg::Options::* apt configuration.\r\n\r\nFor the oldstable distribution (wheezy), this problem has been fixed\r\nin version 0.79.5+wheezy2.\r\n\r\nFor the stable distribution (jessie), this problem has been fixed in\r\nversion 0.83.3.2+deb8u1.\r\n\r\nFor the unstable distribution (sid), this problem will be fixed shortly.\r\n\r\nWe recommend that you upgrade your unattended-upgrades packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: https://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1\r\n\r\niQIcBAEBCgAGBQJVkXzQAAoJEK+lG9bN5XPL7YQQAIhydn8pwEFGRiW1SrVaODJx\r\nXAWCacPo+3aP+qO0C4XDkotLUv1NGy8qbsreUmu/5ED+hzMjCcfk3+yXFkD7/paB\r\nxvUQuhKgjAoxTMZWUNjHqik2LFfbd+o5L6q6j+AF/C1SeR36C1lapy25pdD/SIGN\r\nY0dA9Cy2DWUV8IWNJuTwKP2FeGaDdTtZNH0TbA4F2ApC2H2Cx0jJg/pjiV61nk6W\r\nOrJyEkqZ+rlr/luucOE52IEto9Ojh1sWzJ2WBCZkvA/AWLL8JTFUR6REQuH5AYSy\r\npbxla8C5mOLoIe1wOAJDsV5Fob9J6vDBe8Id2dOowQD8XtoFzUUzGqxbuteL//9Q\r\nnFnKcxEommS2bRIvjWf3s2FBYKcXExonqe1ZNnYzt2AKEKvWiCz5/il1eEXX7ZpO\r\nRyk4Qepox4yIEShu6auR234TUaFBVezmOAD6BWXdUOZ5DtJ739SSNgKoZo8vcz4A\r\nLPtWLF30Eb+00fXExy+NoPIwRwjRHFUhii0mEbKHG2P3jvsWZs1ozX3l4Lh4/k6F\r\n+ObZPinGbjVCYRcaV+f0Twsb7PvlOchw1iF02UF6YVxjIiUNZUW6+n7m251kffFa\r\n7QmyjKKdNd8t+3Hxf9oAZCAAKswzOopBhGw9f3irHXSOBdhUpPDo6wrG9Un7AJDb\r\nvL3fNxm/g7OC6j4MFgUe\r\n=Y41R\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2015-07-05T00:00:00", "published": "2015-07-05T00:00:00", "id": "SECURITYVULNS:DOC:32275", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32275", "title": "[SECURITY] [DSA 3297-1] unattended-upgrades security update", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
