Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2011-3634HistoryMar 01, 2014 - 12:55 a.m.
CVE-2011-3634
2014-03-0100:55:04
Debian Security Bug Tracker
security-tracker.debian.org
14
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:N/A:N
EPSS
0.001
Percentile
39.8%
methods/https.cc in apt before 0.8.11 accepts connections when the certificate host name fails validation and Verify-Host is enabled, which allows man-in-the-middle attackers to obtain repository credentials via unspecified vectors.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | apt | < 0.8.11 | apt_0.8.11_all.deb |
| Debian | 11 | all | apt | < 0.8.11 | apt_0.8.11_all.deb |
| Debian | 999 | all | apt | < 0.8.11 | apt_0.8.11_all.deb |
| Debian | 13 | all | apt | < 0.8.11 | apt_0.8.11_all.deb |
Related
prion
prion
Design/Logic Flaw
2014-03-01 00:55:00
ubuntu
ubuntu
APT vulnerability
2011-11-28 00:00:00
openvas
openvas
Ubuntu Update for apt USN-1283-1
2011-12-02 00:00:00
Ubuntu: Security Advisory (USN-1283-1)
2011-12-02 00:00:00
Debian: Security Advisory (DLA-0005-1)
2023-03-08 00:00:00
nessus
nessus
Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : apt vulnerability (USN-1283-1)
2011-11-29 00:00:00
nvd
nvd
CVE-2011-3634
2014-03-01 00:55:04
cvelist
cvelist
CVE-2011-3634
2014-02-28 18:00:00
ubuntucve
ubuntucve
CVE-2011-3634
2011-10-28 00:00:00
cve
cve
CVE-2011-3634
2014-03-01 00:55:04
osv
osv
apt - security update
2014-06-12 00:00:00
debian
debian
apt security update
2014-06-12 18:15:29
apt security update
2014-06-12 18:15:47
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:N/A:N
EPSS
0.001
Percentile
39.8%
Related for DEBIANCVE:CVE-2011-3634