Page 4 of 21 results (0.007 seconds)

CVSS: 2.6EPSS: 0%CPEs: 61EXPL: 0

APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import keyrings, relies on GnuPG argument order and does not check GPG subkeys, which might allow remote attackers to install altered packages via a man-in-the-middle (MITM) attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3587. APT v0.7.x antes de v0.7.25 y v0.8.x antes de v0.8.16, cuando se utiliza el apt-key net-update para importar archivos de claves, se basa en el orden de los argumentos GnuPG y no verifica subclaves GPG, lo que podría permitir a atacantes remotos instalar paquetes alterados a través de un ataque man-in-the-middle (MITM). NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2012-3587. • http://seclists.org/fulldisclosure/2012/Jun/267 http://seclists.org/fulldisclosure/2012/Jun/271 http://seclists.org/fulldisclosure/2012/Jun/289 http://www.securityfocus.com/bid/54046 http://www.ubuntu.com/usn/USN-1475-1 http://www.ubuntu.com/usn/USN-1477-1 https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1013128 https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1013639 https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1013681 • CWE-20: Improper Input Validation •

CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0

The pkgAcqMetaClearSig::Failed method in apt-pkg/acquire-item.cc in Advanced Package Tool (APT) 0.8.11 through 0.8.15.10 and 0.8.16 before 0.8.16~exp13, when updating from repositories that use InRelease files, allows man-in-the-middle attackers to install arbitrary packages by preventing a user from downloading the new InRelease file, which leaves the original InRelease file active and makes it more difficult to detect that the Packages file is modified and unsigned. El método pkgAcqMetaClearSig::Failed en apt-pkg/acquire-item.cc en Advanced Package Tool (APT) 0.8.11 hasta 0.8.15.10 y 0.8.16 anterior a 0.8.16~exp13, cuando actualizando desde repositorios que utilizan ficheros lnRelease, permite a atacantes man-in-the-middle instalar paquetes arbitrarios previniendo al usuario de descargar el nuevo fichero InRelease, el cual deja el fichero InRelease original activo y hace más difícil detectar que el fichero Packages está modificado y no firmado. • http://anonscm.debian.org/gitweb/?p=apt/apt.git%3Ba=commitdiff%3Bh=b7a6594d1e5ed199a7a472b78b33e070375d6f92 http://anonscm.debian.org/gitweb/?p=apt/apt.git%3Ba=commitdiff%3Bh=de498a528cd6fc36c4bb22bf8dec6558e21cc9b6 http://www.ubuntu.com/usn/USN-1385-1 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 2.6EPSS: 0%CPEs: 12EXPL: 0

methods/https.cc in apt before 0.8.11 accepts connections when the certificate host name fails validation and Verify-Host is enabled, which allows man-in-the-middle attackers to obtain repository credentials via unspecified vectors. methods/https.cc en apt anterior a 0.8.11 acepta conexiones cuando el nombre de host del certificado falla la validación y Verify-Host está habilitado, lo que permite a atacantes man-in-the-middle obtener credenciales de repositorios a través de vectores no especificados. • http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3634.html http://www.ubuntu.com/usn/USN-1283-1 https://alioth.debian.org/plugins/scmgit/cgi-bin/gitweb.cgi?p=apt/apt.git%3Ba=blob%3Bf=debian/changelog%3Bhb=HEAD https://bugs.launchpad.net/ubuntu/+source/apt/+bug/868353 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

APT before 0.8.15.2 does not properly validate inline GPG signatures, which allows man-in-the-middle attackers to install modified packages via vectors involving lack of an initial clearsigned message. APT en versiones anteriores a la 0.8.15.2 no valida apropiadamente las firmas GPG adjuntas ("inline"), lo que permite atacantes de hombre en el medio ("man-in-the-middle") instalar paquetes modificados a través de vectores que involucran la falta de un mensaje inicial "clearsigned" (firmado en claro). • http://launchpadlibrarian.net/75126628/apt_0.8.13.2ubuntu2_0.8.13.2ubuntu4.1.diff.gz http://packages.debian.org/changelogs/pool/main/a/apt/current/changelog http://www.securityfocus.com/bid/48671 http://www.ubuntu.com/usn/USN-1169-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/68560 https://launchpad.net/bugs/784473 https://launchpad.net/ubuntu/+archive/primary/+sourcepub/1817196/+listing-archive-extra • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 2%CPEs: 180EXPL: 0

apt-get in apt before 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when it has been signed with a key that has been revoked or expired, which might allow remote attackers to trick apt into installing malicious repositories. apt-get in apt anterior a 0.7.21 no comprueba adecuadamente el error de codigo en gpgv, lo que hace que apt utilice un repositorio firmado con una clave que ha sido revocada o ha caducado, lo que permite a atacantes remotos engañar a apt en la instlacion de repositorios maliciosos. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=433091 http://secunia.com/advisories/34829 http://secunia.com/advisories/34832 http://secunia.com/advisories/34874 http://www.debian.org/security/2009/dsa-1779 http://www.securityfocus.com/bid/34630 https://bugs.launchpad.net/ubuntu/+source/apt/+bug/356012 https://exchange.xforce.ibmcloud.com/vulnerabilities/50086 https://usn.ubuntu.com/762-1 •