Insecure File Permissions in Debian GNU/Linux apt-setup
CVE-2005-2214

Currently unrated

Key Information:

Vendor: Debian
Status: Apt-setup
Vendor: CVE Published:; 11 July 2005

Summary

The configuration process of apt-setup in Debian GNU/Linux installs the apt.conf file with insufficient file permissions, enabling local users to gain unauthorized access to sensitive information, such as passwords. This vulnerability poses risks for systems where local access is not adequately controlled, allowing potential exploitation by users with malicious intent.

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=305142

x_refsource_MISC

http://secunia.com/advisories/15955

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/14173

vdb-entryx_refsource_BID

Timeline

Vulnerability Reserved
Jul 12, 2005
Vulnerability published
Jul 11, 2005