[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97559

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2011-0725

Date: (C)2011-02-23   (M)2017-08-18
 
CVSS Score: 4.9Access Vector: LOCAL
Exploitability Subscore: 3.9Access Complexity: LOW
Impact Subscore: 6.9Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: NONE
 Availability: NONE











Absolute path traversal vulnerability in the org.debian.apt.UpdateCachePartially method in worker.py in Aptdaemon 0.40 in Ubuntu 10.10 and 11.04 allows local users to read arbitrary files via a full pathname in the sources_list argument, related to the D-Bus interface.

Reference:
SECTRACK-1025107
BID-46490
ADV-2011-0459
USN-1068-1
aptdaemon-updatecache-info-disc(65652)
https://bugs.launchpad.net/bugs/722228

CPE    3
cpe:/o:canonical:ubuntu_linux:11.04
cpe:/a:sebastian_heinlein:aptdaemon:0.40
cpe:/o:canonical:ubuntu_linux:10.10
CWE    1
CWE-22
OVAL    1
oval:org.secpod.oval:def:700237

© 2013 SecPod Technologies