Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0961

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2012-0961
Last Modified 31 Dec 2012 12:00:00
Published 26 Dec 2012 05:55:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2012-0961

Summary

Apt 0.8.16~exp5ubuntu13.x before 0.8.16~exp5ubuntu13.6, 0.8.16~exp12ubuntu10.x before 0.8.16~exp12ubuntu10.7, and 0.9.7.5ubuntu5.x before 0.9.7.5ubuntu5.2, as used in Ubuntu, uses world-readable permissions for /var/log/apt/term.log, which allows local users to obtain sensitive shell information by reading the log file.

Vulnerable Systems

Application

  • Debian Apt 0.8.16

  • Debian Apt 0.9.7


References

UBUNTU - USN-1662-1

BID - 56917

SECUNIA - 51568

OSVDB - 88380


Last Updated: 27 May 2016 10:42:33