CVE-2010-0834

Name of the Vulnerable Software and Affected Versions base-files versions prior to 5.0.0ubuntu7.1 on Ubuntu 9.10 base-files versions prior to 5.0.0ubuntu20.10.04.2 on Ubuntu 10.04 LTS

Description The issue allows remote archive servers and man-in-the-middle attackers to execute arbitrary code via a crafted package, as the base-files package does not require authentication for package installation.

Recommendations For base-files versions prior to 5.0.0ubuntu7.1 on Ubuntu 9.10, update to version 5.0.0ubuntu7.1 or later. For base-files versions prior to 5.0.0ubuntu20.10.04.2 on Ubuntu 10.04 LTS, update to version 5.0.0ubuntu20.10.04.2 or later.