Описание
Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does not authenticate packages when the transaction is not simulated, which allows remote attackers to install arbitrary packages via a man-in-the-middle attack.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 0.43+bzr790-0ubuntu1 |
| hardy | DNE | |
| lucid | not-affected | |
| maverick | not-affected | |
| natty | released | 0.41+bzr661-0ubuntu0.2 |
| oneiric | released | 0.43+bzr697-0ubuntu1.2 |
| upstream | needs-triage |
Показывать по
4.3 Medium
CVSS2
Связанные уязвимости
Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does not authenticate packages when the transaction is not simulated, which allows remote attackers to install arbitrary packages via a man-in-the-middle attack.
Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does ...
Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does not authenticate packages when the transaction is not simulated, which allows remote attackers to install arbitrary packages via a man-in-the-middle attack.
4.3 Medium
CVSS2