Lucene search
Ubuntu.comUB:CVE-2010-0834HistoryAug 05, 2010 - 12:00 a.m.
CVE-2010-0834
2010-08-0500:00:00
ubuntu.com
ubuntu.com
8
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.006 Low
EPSS
Percentile
77.9%
The base-files package before 5.0.0ubuntu7.1 on Ubuntu 9.10 and before
5.0.0ubuntu20.10.04.2 on Ubuntu 10.04 LTS, as shipped on Dell Latitude 2110
netbooks, does not require authentication for package installation, which
allows remote archive servers and man-in-the-middle attackers to execute
arbitrary code via a crafted package.
Notes
| Author | Note |
|---|---|
| kees | this was fixed via base-files, but was a vulnerabilities in the pre-installed image of the Dell Latitude 2110. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 9.10 | noarch | base-files | < 5.0.0ubuntu7.1 | UNKNOWN |
| ubuntu | 10.04 | noarch | base-files | < 5.0.0ubuntu20.10.04.2 | UNKNOWN |
Related
cve
cve
CVE-2010-0834
2022-10-03 16:21:13
cvelist
cvelist
CVE-2010-0834
2022-10-03 16:21:13
openvas
openvas
Ubuntu: Security Advisory (USN-968-1)
2010-08-06 00:00:00
Ubuntu Update for base-files vulnerability USN-968-1
2010-08-06 00:00:00
debiancve
debiancve
CVE-2010-0834
2022-10-03 16:21:13
nvd
nvd
CVE-2010-0834
2010-08-10 12:23:05
prion
prion
Authentication flaw
2010-08-10 12:23:00
nessus
nessus
Ubuntu 9.10 / 10.04 LTS : base-files vulnerability (USN-968-1)
2010-08-06 00:00:00
ubuntu
ubuntu
Dell Latitude 2110 vulnerability
2010-08-05 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.006 Low
EPSS
Percentile
77.9%
Related for UB:CVE-2010-0834