Man-in-the-Middle Vulnerability in Aptdaemon for Ubuntu
CVE-2012-0962

Currently unrated

Key Information:

Vendor

Canonical

Vendor
CVE Published:
26 December 2012

What is CVE-2012-0962?

The Aptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS utilizes short identifiers when importing GPG keys from PPA keyservers. This design flaw allows attackers to intercept and manipulate communications, making it possible for them to inject malicious GPG keys. This can lead to the installation of unauthorized package repositories, compromising the integrity and security of the affected system.

References

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.
CVE-2012-0962 : Man-in-the-Middle Vulnerability in Aptdaemon for Ubuntu