Absolute path traversal vulnerability in the org.debian.apt.UpdateCachePartially method in worker.py in Aptdaemon 0.40 in Ubuntu 10.10 and 11.04 allows local users to read arbitrary files via a full pathname in the sources_list argument, related to the D-Bus interface.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sebastian_heinlein aptdaemon 0.40 |
||
canonical ubuntu_linux 10.10 |
||
canonical ubuntu_linux 11.04 |