CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
Percentile
75.9%
The Apport hook (DistUpgradeApport.py) in Update Manager, as used by Ubuntu
12.04 LTS, 11.10, and 11.04, uploads the /var/log/dist-upgrade directory
when reporting bugs to Launchpad, which allows remote attackers to read
repository credentials by viewing a public bug report. NOTE: this
vulnerability exists because of an incomplete fix for CVE-2012-0949.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 11.04 | noarch | update-manager | < 1:0.150.5.4 | UNKNOWN |
ubuntu | 11.10 | noarch | update-manager | < 1:0.152.25.12 | UNKNOWN |
ubuntu | 12.04 | noarch | update-manager | < 1:0.156.14.5 | UNKNOWN |