Описание
The Apport hook (DistUpgradeApport.py) in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uploads the /var/log/dist-upgrade directory when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0949.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1:0.170 |
| hardy | not-affected | |
| lucid | not-affected | |
| natty | released | 1:0.150.5.4 |
| oneiric | released | 1:0.152.25.12 |
| precise | released | 1:0.156.14.5 |
| upstream | needs-triage |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
The Apport hook (DistUpgradeApport.py) in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uploads the /var/log/dist-upgrade directory when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0949.
The Apport hook (DistUpgradeApport.py) in Update Manager, as used by U ...
The Apport hook (DistUpgradeApport.py) in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uploads the /var/log/dist-upgrade directory when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0949.
EPSS
5 Medium
CVSS2