Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2012-0962
HistoryDec 17, 2012 - 12:00 a.m.

CVE-2012-0962

2012-12-1700:00:00
ubuntu.com
ubuntu.com
11

0.003 Low

EPSS

Percentile

69.4%

JSON

Aptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS uses short IDs when importing
PPA GPG keys from a keyserver, which allows remote attackers to install
arbitrary package repository GPG keys via a man-in-the-middle (MITM)
attack.

Bugs

Notes

Author Note
mdeslaur quantal and higher use add_key_from_keyserver() in python-apt which does use long gpg keyids lucid doesn’t use apt-key
OSVersionArchitecturePackageVersionFilename
ubuntu11.10noarchaptdaemon< 0.43+bzr697-0ubuntu1.3UNKNOWN
ubuntu12.04noarchaptdaemon< 0.43+bzr805-0ubuntu7UNKNOWN

Related

ubuntu 1
securityvulns 2
prion 1
cvelist 1
openvas 2
cve 1
nessus 1
ubuntu
ubuntu
Aptdaemon vulnerability
2012-12-17 00:00:00
securityvulns
securityvulns
[USN-1666-1] Aptdaemon vulnerability
2012-12-18 00:00:00
aptdaemon key validation vulnerability
2012-12-18 00:00:00
prion
prion
Code injection
2012-12-26 22:55:00
cvelist
cvelist
CVE-2012-0962
2022-10-03 16:15:38
openvas
openvas
Ubuntu: Security Advisory (USN-1666-1)
2012-12-18 00:00:00
Ubuntu Update for aptdaemon USN-1666-1
2012-12-18 00:00:00
cve
cve
CVE-2012-0962
2012-12-26 22:55:00
nessus
nessus
Ubuntu 11.10 / 12.04 LTS : aptdaemon vulnerability (USN-1666-1)
2012-12-18 00:00:00

0.003 Low

EPSS

Percentile

69.4%

JSON
Related for UB:CVE-2012-0962
ubuntu1securityvulns2prion1cvelist1openvas2cve1nessus1