Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-0725

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2011-0725
Last Modified 10 Mar 2011 10:51:03
Published 23 Feb 2011 02:00:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2011-0725

Summary

Absolute path traversal vulnerability in the org.debian.apt.UpdateCachePartially method in worker.py in Aptdaemon 0.40 in Ubuntu 10.10 and 11.04 allows local users to read arbitrary files via a full pathname in the sources_list argument, related to the D-Bus interface.

Vulnerable Systems

Operating System

  • Canonical Ubuntu Linux 10.10

  • Canonical Ubuntu Linux 11.04

Application

  • Sebastian Heinlein Aptdaemon 0.40


References

CONFIRM - https://bugs.launchpad.net/bugs/722228

XF - aptdaemon-updatecache-info-disc(65652)

VUPEN - ADV-2011-0459

UBUNTU - USN-1068-1

SECTRACK - 1025107

BID - 46490


Last Updated: 27 May 2016 10:56:02