Local File Exposure in Update Manager by Canonical
CVE-2011-3154

Currently unrated

Key Information:

Vendor

Canonical

Status
Ubuntu Linux
Update-manager
Vendor
CVE Published:
17 April 2014

What is CVE-2011-3154?

The Update Manager in Canonical's Ubuntu prior to specified versions is susceptible to a local vulnerability where temporary files are not securely created, potentially allowing local users to exploit symlink attacks to access sensitive information contained within the XAUTHORITY file. This vulnerability highlights the risks associated with insufficient file handling and symlink management in software applications.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://bugs.launchpad.net/ubuntu/+source/update-manager/...
x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-1284-1
vendor-advisoryx_refsource_UBUNTU
http://secunia.com/advisories/47024
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.