Authentication Bypass in Ubuntu's Base-Files Package on Dell Latitude 2110
CVE-2010-0834

Currently unrated

Key Information:

Vendor: Ubuntu
Status: Ubuntu Linux
Vendor: CVE Published:; 10 August 2010

What is CVE-2010-0834?

The base-files package on specific versions of Ubuntu allows unauthorized package installations due to a lack of authentication requirements. This vulnerability can be exploited by remote archive servers and man-in-the-middle attackers to execute arbitrary code by delivering a crafted package. The affected versions include Ubuntu 9.10 prior to 5.0.0ubuntu7.1 and Ubuntu 10.04 LTS prior to 5.0.0ubuntu20.10.04.2, which shipped on Dell Latitude 2110 netbooks.

References

http://www.securityfocus.com/bid/42280

vdb-entryx_refsource_BID

http://secunia.com/advisories/40889

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2010/2015

vdb-entryx_refsource_VUPEN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 10, 2010