Man-in-the-Middle Vulnerability in APT Package Manager by Debian and Ubuntu
CVE-2014-0478

Currently unrated

Key Information:

Vendor

Debian
Status
Advanced Package Tool
Vendor
CVE Published:
17 June 2014

What is CVE-2014-0478?

A vulnerability exists in the APT package manager prior to version 1.0.4, where insufficient validation of source packages enables man-in-the-middle attackers to manipulate package downloads. By stripping the Release signature, an attacker can force users to download and install malicious packages, potentially compromising system integrity and security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/58843
third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/59358
third-party-advisoryx_refsource_SECUNIA
http://www.debian.org/security/2014/dsa-2958
vendor-advisoryx_refsource_DEBIAN

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.