CVE-2012-0954

APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import keyrings, relies on GnuPG argument order and does not check GPG subkeys, which might allow remote attackers to install altered packages via a man-in-the-middle (MITM) attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3587.

CVSS v2.0 2.6 LOW

2.6^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:N/AC:H/Au:N/C:N/I:P/A:N

Exploitability : 4.9 / Impact : 2.9

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www.securityfocus.com/bid/54046
http://seclists.org/fulldisclosure/2012/Jun/271
http://www.ubuntu.com/usn/USN-1477-1
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1013681
http://www.ubuntu.com/usn/USN-1475-1
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1013639
http://seclists.org/fulldisclosure/2012/Jun/289
http://seclists.org/fulldisclosure/2012/Jun/267
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1013128

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:debian:advanced_package_tool:0.7.24:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.23.1:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.23:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.22.2:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp1::::::
	cpe:2.3:a:debian:advanced_package_tool:0.7.17:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.16:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.15:exp3::::::
	cpe:2.3:a:debian:advanced_package_tool:0.8.15.8:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.15.7:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.15.6:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.1:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.2-0.1:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.14:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.15:exp1::::::
	cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp3::::::
	cpe:2.3:a:debian:advanced_package_tool:0.7.18:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.20:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.20.1:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.21:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.22.1:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.10:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.10.2:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.10.3:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.11:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.11.1:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.11.2:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.11.3:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.11.5:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.15:exp1::::::
	cpe:2.3:a:debian:advanced_package_tool:0.8.15:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.15:exp3::::::
	cpe:2.3:a:debian:advanced_package_tool:0.8.15.10:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.0:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.2:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.10:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.11:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.12:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.13:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.15:exp2::::::
	cpe:2.3:a:debian:advanced_package_tool:0.7.15:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp2::::::
	cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp4::::::
	cpe:2.3:a:debian:advanced_package_tool:0.7.19:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.20.2:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.7.22:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.0:pre1::::::
	cpe:2.3:a:debian:advanced_package_tool:0.8.0:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.0:pre2::::::
	cpe:2.3:a:debian:advanced_package_tool:0.8.1:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.10.1:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.11.4:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.12:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.13:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.13.1:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.13.2:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.14:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.14.1:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.15:exp2::::::
	cpe:2.3:a:debian:advanced_package_tool:0.8.15.1:::::::*
	cpe:2.3:a:debian:advanced_package_tool:0.8.15.9:::::::*

Information

Published : 2012-06-19 13:55

Updated : 2020-01-08 07:13

NVD link : CVE-2012-0954

Mitre link : CVE-2012-0954

JSON object : View

CWE

CWE-20

Improper Input Validation

Products Affected

debian

advanced_package_tool

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/bid/54046", "name": "54046", "tags": [], "refsource": "BID"}, {"url": "http://seclists.org/fulldisclosure/2012/Jun/271", "name": "20120614 Using second gpg keyring may be misleading?", "tags": [], "refsource": "FULLDISC"}, {"url": "http://www.ubuntu.com/usn/USN-1477-1", "name": "USN-1477-1", "tags": [], "refsource": "UBUNTU"}, {"url": "https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1013681", "name": "https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1013681", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.ubuntu.com/usn/USN-1475-1", "name": "USN-1475-1", "tags": [], "refsource": "UBUNTU"}, {"url": "https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1013639", "name": "https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1013639", "tags": [], "refsource": "CONFIRM"}, {"url": "http://seclists.org/fulldisclosure/2012/Jun/289", "name": "20120615 ubuntu apt-key (part 3)", "tags": [], "refsource": "FULLDISC"}, {"url": "http://seclists.org/fulldisclosure/2012/Jun/267", "name": "20120612 Strange gpg key shadowing", "tags": [], "refsource": "FULLDISC"}, {"url": "https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1013128", "name": "https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1013128", "tags": [], "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import keyrings, relies on GnuPG argument order and does not check GPG subkeys, which might allow remote attackers to install altered packages via a man-in-the-middle (MITM) attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3587."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-20"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2012-0954", "ASSIGNER": "security@ubuntu.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 2.6, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "LOW", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2012-06-19T20:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.24:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.23.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.23:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.22.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.15:exp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.15.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.15.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.15.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.2-0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.15:exp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.20.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.22.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.10.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.10.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.11.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.11.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.11.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.11.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.15:exp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.15:exp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.15.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.15:exp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.20.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.7.22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.0:pre1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.0:pre2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.10.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.11.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.13.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.13.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.14.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.15:exp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.15.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:debian:advanced_package_tool:0.8.15.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2020-01-08T15:13Z"}

2.6 /10