Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.841969
Kategorie:Ubuntu Local Security Checks
Titel:Ubuntu Update for apt USN-2348-1
Zusammenfassung:The remote host is missing an update for the 'apt'; package(s) announced via the referenced advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'apt'
package(s) announced via the referenced advisory.

Vulnerability Insight:
It was discovered that APT did not
re-verify downloaded files when the If-Modified-Since wasn't met. (CVE-2014-0487)

It was discovered that APT did not invalidate repository data when it
switched from an unauthenticated to an authenticated state. (CVE-2014-0488)

It was discovered that the APT Acquire::GzipIndexes option caused APT to
skip checksum validation. This issue only applied to Ubuntu 12.04 LTS and
Ubuntu 14.04 LTS, and was not enabled by default. (CVE-2014-0489)

It was discovered that APT did not correctly validate signatures when
downloading source packages using the download command. This issue only
applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-0490)

Affected Software/OS:
apt on Ubuntu 14.04 LTS,
Ubuntu 12.04 LTS,
Ubuntu 10.04 LTS

Solution:
Please Install the Updated Packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2014-0487
Debian Security Information: DSA-3025 (Google Search)
http://www.debian.org/security/2014/dsa-3025
http://secunia.com/advisories/61275
http://secunia.com/advisories/61286
http://ubuntu.com/usn/usn-2348-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-0488
Common Vulnerability Exposure (CVE) ID: CVE-2014-0489
Common Vulnerability Exposure (CVE) ID: CVE-2014-0490
CopyrightCopyright (C) 2014 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.