Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2012-5356

Опубликовано: 10 окт. 2012
Источник: nvd
CVSS2: 5.8
EPSS Низкий

Описание

The apt-add-repository tool in Ubuntu Software Properties 0.75.x before 0.75.10.3, 0.80.x before 0.80.9.2, 0.81.x before 0.81.13.5, 0.82.x before 0.82.7.3, and 0.92.x before 0.92.8 does not properly check PPA GPG keys imported from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle (MITM) attack.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:canonical:ubuntu_software_properties:0.75.4:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.75.5:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.75.6:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.75.7:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.75.8:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.75.9:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.75.10:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.75.10.1:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.75.10.2:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:canonical:ubuntu_software_properties:0.80:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.80.2:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.80.3:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.80.4:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.80.5:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.80.6:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.80.7:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.80.8:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.80.9:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.80.9.1:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:a:canonical:ubuntu_software_properties:0.81:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.1:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.2:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.3:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.4:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.5:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.6:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.7:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.8:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.9:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.10:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.11:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.13:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.13.1:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.13.2:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.13.3:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.81.13.4:*:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:a:canonical:ubuntu_software_properties:0.82:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.82.2:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.82.3:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.82.4:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.82.5:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.82.6:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.82.7:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.82.7.1:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.82.7.2:*:*:*:*:*:*:*
Конфигурация 5

Одно из

cpe:2.3:a:canonical:ubuntu_software_properties:0.92:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.92.2:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.92.3:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.92.4:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.92.5:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.92.6:*:*:*:*:*:*:*
cpe:2.3:a:canonical:ubuntu_software_properties:0.92.7:*:*:*:*:*:*:*

EPSS

Процентиль: 71%
0.00666
Низкий

5.8 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2012-5356

ubuntu
больше 13 лет назад

The apt-add-repository tool in Ubuntu Software Properties 0.75.x before 0.75.10.3, 0.80.x before 0.80.9.2, 0.81.x before 0.81.13.5, 0.82.x before 0.82.7.3, and 0.92.x before 0.92.8 does not properly check PPA GPG keys imported from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle (MITM) attack.

github логотип

GHSA-724f-83mw-fgp7

github
больше 3 лет назад

The apt-add-repository tool in Ubuntu Software Properties 0.75.x before 0.75.10.3, 0.80.x before 0.80.9.2, 0.81.x before 0.81.13.5, 0.82.x before 0.82.7.3, and 0.92.x before 0.92.8 does not properly check PPA GPG keys imported from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle (MITM) attack.

EPSS

Процентиль: 71%
0.00666
Низкий

5.8 Medium

CVSS2

Дефекты

CWE-20