Lucene search

K
ubuntucveUbuntu.comUB:CVE-2012-0949
HistoryMay 17, 2012 - 12:00 a.m.

CVE-2012-0949

2012-05-1700:00:00
ubuntu.com
ubuntu.com
8

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS

0.005

Percentile

75.7%

The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, and
11.04 uploads certain system state archive files when reporting bugs to
Launchpad, which allows remote attackers to read repository credentials by
viewing a public bug report.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu11.04noarchupdate-manager< 1:0.150.5.3UNKNOWN
ubuntu11.10noarchupdate-manager< 1:0.152.25.11UNKNOWN
ubuntu12.04noarchupdate-manager< 1:0.156.14.4UNKNOWN

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS

0.005

Percentile

75.7%