APT before 0.8.15.2 does not properly validate inline GPG signatures, which allows man-in-the-middle attackers to install modified packages via vectors involving lack of an initial clearsigned message.
References
Link | Resource |
---|---|
http://launchpadlibrarian.net/75126628/apt_0.8.13.2ubuntu2_0.8.13.2ubuntu4.1.diff.gz | Patch Third Party Advisory |
http://packages.debian.org/changelogs/pool/main/a/apt/current/changelog | Release Notes Vendor Advisory |
http://www.securityfocus.com/bid/48671 | Third Party Advisory VDB Entry |
http://www.ubuntu.com/usn/USN-1169-1 | Third Party Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/68560 | Third Party Advisory VDB Entry |
https://launchpad.net/bugs/784473 | Third Party Advisory |
https://launchpad.net/ubuntu/+archive/primary/+sourcepub/1817196/+listing-archive-extra | Patch |
Configurations
History
25 Mar 2021, 19:27
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:debian:apt:0.1.5:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.8.8:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.26:exp6:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.10:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.15:exp2:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.15:exp2:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.32:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.9:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.41:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.15:exp3:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.1.3:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.4:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.0.10:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.6:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.38:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.3.1:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp2:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.44.2:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.15:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.24:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.1:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.21:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.26:exp7:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.15:exp3:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.10.2:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.27:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.10:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.14:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.2:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.13:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.36:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.19:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.14.1:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.8.9:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.3.9:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.3:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.30:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.0.15-0.1bo:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.33:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.26:exp12:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.10.3:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.16:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.0.1:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.12:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.3.6:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.20.1:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.11.3:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp3:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.27:ubuntu1:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.40:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.10:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.2-0.1:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.46.2:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.12:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.8.7:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.19:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.13:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.3.3:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.42.1:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.30:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.26:exp4:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.17:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.0.17-1:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.12:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.1.6:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.0.13-bo1:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.22:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.29:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.27:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.8.5:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.28:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.0:pre2:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.10:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.6:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.20:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.13.1:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.14:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.46:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.26:exp9:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.0.8:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.36:ubuntu1:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.24:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.0.13:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.7:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.25:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.11.4:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.15:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.25.1:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.0.15:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.40.1:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.30:ubuntu1:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.10.1:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.26:exp3:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.43.2:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.3.7:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.1:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.23.1:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.0.12:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.31:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.6:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.11.5:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.1:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.28:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.16:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.26:exp1:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.8.4:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.39:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.4:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.46.3:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.21:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.0.9:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.1.9:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.11.1:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.5:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.21:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.27:ubuntu4:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.7:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.18:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.3.0:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.0.4:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.3.15:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.4:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.9:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.30:ubuntu2:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.0.7:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.25.2:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.8.6:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.3.13:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.15:exp1:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.31:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.14:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.18:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.15:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.35:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.8:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.11:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.8:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.0.3:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.0.16-1:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.44.2:exp1:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.20:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.16:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.25:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.5:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.34:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.3:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.32:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.15:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.26:exp10:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.1.1:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.22:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.3.2:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.0:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.11:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.1.7:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.43:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.46.3-0.2:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.22:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.17:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.3.16:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.19:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.18:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.46.3-0.1:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.13:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.8:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.11:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.43.3:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.22.2:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.0:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.0.5:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.2:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.11.2:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.37:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.3:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.44:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.26:exp2:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.1:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.17:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.23:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.0.2:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.1:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.46.4-0.1:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.2:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.20:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.26:exp11:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.0:pre1:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.7:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.15:exp1:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.3.4:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.27:ubuntu3:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.42:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.12:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.5:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.0.14:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.13:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.25.3:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.8.2:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.42.2:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.43.1:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.0.15-0.2bo:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.5.1:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.25:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.44.1:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp4:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.29:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.14:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.9:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.44.1-0.1:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.8.3:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.20.2:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.46.1:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.3.18:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.0:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.3.11:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.27:ubuntu2:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.45:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.0.6:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.5.26:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.3.17:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.24:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.0.11:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.11:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.23:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.8.13.2:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.3.19:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.26:exp8:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.7.26:exp5:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.3.12:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.22.1:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.3.14:*:*:*:*:*:*:* cpe:2.3:a:debian:apt:0.6.42.3:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.0:*:*:*:*:*:*:* cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp1:*:*:*:*:*:* |
cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:* |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/68560 - Third Party Advisory, VDB Entry | |
References | (CONFIRM) http://packages.debian.org/changelogs/pool/main/a/apt/current/changelog - Release Notes, Vendor Advisory | |
References | (CONFIRM) https://launchpad.net/bugs/784473 - Third Party Advisory | |
References | (UBUNTU) http://www.ubuntu.com/usn/USN-1169-1 - Third Party Advisory | |
References | (BID) http://www.securityfocus.com/bid/48671 - Third Party Advisory, VDB Entry | |
References | (CONFIRM) http://launchpadlibrarian.net/75126628/apt_0.8.13.2ubuntu2_0.8.13.2ubuntu4.1.diff.gz - Patch, Third Party Advisory |
Information
Published : 2011-07-27 02:55
Updated : 2023-12-10 11:03
NVD link : CVE-2011-1829
Mitre link : CVE-2011-1829
CVE.ORG link : CVE-2011-1829
JSON object : View
Products Affected
debian
- advanced_package_tool
canonical
- ubuntu_linux
CWE
CWE-20
Improper Input Validation