PT-2019-6671 · Debian · Apt+1

Georgi Guninski

Publicado

2019-11-25

Atualizado

2025-09-15

CVE-2011-3374

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions apt (affected versions not specified)

Description The issue is related to the incorrect validation of gpg keys with the master keyring by apt-key in apt, which can lead to a potential man-in-the-middle attack.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Verification of Cryptographic Signature

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-347

Identificadores relacionados

CVE-2011-3374

ECHO-FC06-5395-FA6D

SNYK-LINUX-APT-116518

Produtos afetados

Debian

Apt

PT-2019-6671 · Debian · Apt+1

CVE-2011-3374

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 14