Описание
DistUpgrade/DistUpgradeMain.py in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uses weak permissions for (1) apt-clone_system_state.tar.gz and (2) system_state.tar.gz, which allows local users to obtain repository credentials.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1:0.170 |
| hardy | not-affected | |
| lucid | not-affected | |
| natty | released | 1:0.150.5.3 |
| oneiric | released | 1:0.152.25.11 |
| precise | released | 1:0.156.14.4 |
| upstream | needs-triage |
Показывать по
EPSS
2.1 Low
CVSS2
Связанные уязвимости
DistUpgrade/DistUpgradeMain.py in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uses weak permissions for (1) apt-clone_system_state.tar.gz and (2) system_state.tar.gz, which allows local users to obtain repository credentials.
DistUpgrade/DistUpgradeMain.py in Update Manager, as used by Ubuntu 12 ...
DistUpgrade/DistUpgradeMain.py in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uses weak permissions for (1) apt-clone_system_state.tar.gz and (2) system_state.tar.gz, which allows local users to obtain repository credentials.
EPSS
2.1 Low
CVSS2