Sebastian Heinlein: >> Aptdaemon >> 0.40 Security Vulnerabilities
Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does not authenticate packages when the transaction is not simulated, which allows remote attackers to install arbitrary packages via a man-in-the-middle attack.
CVSS Score
4.3
EPSS Score
0.005
Published
2012-06-04
Absolute path traversal vulnerability in the org.debian.apt.UpdateCachePartially method in worker.py in Aptdaemon 0.40 in Ubuntu 10.10 and 11.04 allows local users to read arbitrary files via a full pathname in the sources_list argument, related to the D-Bus interface.
CVSS Score
4.9
EPSS Score
0.001
Published
2011-02-23