Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0949

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-0949
Last Modified 20 Jun 2012 12:00:00
Published 31 May 2012 01:55:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-0949

Summary

The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, and 11.04 uploads certain system state archive files when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report.

Vulnerable Systems

Operating System

  • Canonical Ubuntu Linux 11.04

  • Canonical Ubuntu Linux 11.10

  • Canonical Ubuntu Linux 12.04


References

XF - update-manager-archives-info-disclosure(75728)

UBUNTU - USN-1443-1

BID - 53605

SECUNIA - 49230

OSVDB - 82020


Last Updated: 27 May 2016 10:47:11