Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-1051HistoryMar 21, 2013 - 5:55 p.m.
CVE-2013-1051
2013-03-2117:55:01
Debian Security Bug Tracker
security-tracker.debian.org
11
cve-2013-1051
inrelease files
man-in-the-middle
integrity checking
third-party repositories
unix
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.001
Percentile
32.4%
apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of third-party repositories.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | apt | < 0.9.7.8 | apt_0.9.7.8_all.deb |
| Debian | 11 | all | apt | < 0.9.7.8 | apt_0.9.7.8_all.deb |
| Debian | 999 | all | apt | < 0.9.7.8 | apt_0.9.7.8_all.deb |
| Debian | 13 | all | apt | < 0.9.7.8 | apt_0.9.7.8_all.deb |
Related
openvas
openvas
Ubuntu: Security Advisory (USN-1762-1)
2013-03-15 00:00:00
Ubuntu Update for apt USN-1762-1
2013-03-15 00:00:00
ubuntu
ubuntu
APT vulnerability
2013-03-14 00:00:00
prion
prion
Code injection
2013-03-21 17:55:00
cvelist
cvelist
CVE-2013-1051
2013-03-21 17:00:00
cve
cve
CVE-2013-1051
2013-03-21 17:55:01
nessus
nessus
Ubuntu 11.10 / 12.04 LTS / 12.10 : apt vulnerability (USN-1762-1)
2013-03-15 00:00:00
ubuntucve
ubuntucve
CVE-2013-1051
2013-03-14 00:00:00
securityvulns
securityvulns
[USN-1762-1] APT vulnerability
2013-03-24 00:00:00
apt protection bypass
2013-03-24 00:00:00
nvd
nvd
CVE-2013-1051
2013-03-21 17:55:01
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.001
Percentile
32.4%
Related for DEBIANCVE:CVE-2013-1051