Описание
unattended-upgrades before 0.86.1 does not properly authenticate packages when the (1) force-confold or (2) force-confnew dpkg options are enabled in the DPkg::Options::* apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors.
Ссылки
Уязвимые конфигурации
Одно из
EPSS
6.8 Medium
CVSS2
Дефекты
Связанные уязвимости
unattended-upgrades before 0.86.1 does not properly authenticate packages when the (1) force-confold or (2) force-confnew dpkg options are enabled in the DPkg::Options::* apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors.
unattended-upgrades before 0.86.1 does not properly authenticate packa ...
unattended-upgrades before 0.86.1 does not properly authenticate packages when the (1) force-confold or (2) force-confnew dpkg options are enabled in the DPkg::Options::* apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors.
Уязвимость операционной системы Ubuntu, позволяющая нарушителю загрузить и выполнить произвольные установочные пакеты
EPSS
6.8 Medium
CVSS2