Mvo

**Name of the Vulnerable Software and Affected Versions** Aptdaemon version 0.43 in Ubuntu versions 11.10 and 12.04 LTS **Description** The issue allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle (MITM) attack. This is due to Aptdaemon using short IDs when importing PPA GPG keys from a keyserver. **Recommendations** For Aptdaemon version 0.43 in Ubuntu versions 11.10 and 12.04 LTS, consider using a secure connection to import PPA GPG keys to minimize the risk of a man-in-the-middle attack. At the moment, there is no information about a newer version that contains a fix for this vulnerability.