PT-2015-5211 · Canonical · Aptdaemon+1
Tavis Ormandy
·
Published
2015-06-16
·
Updated
2017-07-25
·
CVE-2015-1323
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
aptdaemon versions prior to 1.1.1+bzr982-0ubuntu3.1
aptdaemon versions prior to 1.1.1+bzr980-0ubuntu1.1
aptdaemon versions prior to 1.1.1-1ubuntu5.2
aptdaemon versions prior to 0.43+bzr805-0ubuntu10
Description
The issue allows local users to obtain sensitive information or access files with root permissions due to a problem with the simulate dbus method in aptdaemon.
Recommendations
For versions prior to 1.1.1+bzr982-0ubuntu3.1, update to version 1.1.1+bzr982-0ubuntu3.1 or later.
For versions prior to 1.1.1+bzr980-0ubuntu1.1, update to version 1.1.1+bzr980-0ubuntu1.1 or later.
For versions prior to 1.1.1-1ubuntu5.2, update to version 1.1.1-1ubuntu5.2 or later.
For versions prior to 0.43+bzr805-0ubuntu10, update to version 0.43+bzr805-0ubuntu10 or later.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ubuntu
Aptdaemon