Filtered by vendor Sebastian Heinlein
Subscribe
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2012-0944 | 2 Canonical, Sebastian Heinlein | 2 Ubuntu Linux, Aptdaemon | 2017-08-28 | 4.3 MEDIUM | N/A |
Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does not authenticate packages when the transaction is not simulated, which allows remote attackers to install arbitrary packages via a man-in-the-middle attack. | |||||
CVE-2011-0725 | 2 Canonical, Sebastian Heinlein | 2 Ubuntu Linux, Aptdaemon | 2017-08-16 | 4.9 MEDIUM | N/A |
Absolute path traversal vulnerability in the org.debian.apt.UpdateCachePartially method in worker.py in Aptdaemon 0.40 in Ubuntu 10.10 and 11.04 allows local users to read arbitrary files via a full pathname in the sources_list argument, related to the D-Bus interface. | |||||
CVE-2012-0962 | 2 Canonical, Sebastian Heinlein | 2 Ubuntu Linux, Aptdaemon | 2012-12-27 | 4.3 MEDIUM | N/A |
Aptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS uses short IDs when importing PPA GPG keys from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle (MITM) attack. |