Published: 26/12/2012 Updated: 08/01/2020

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Apt 0.8.16~exp5ubuntu13.x prior to 0.8.16~exp5ubuntu13.6, 0.8.16~exp12ubuntu10.x prior to 0.8.16~exp12ubuntu10.7, and 0.9.7.5ubuntu5.x prior to 0.9.7.5ubuntu5.2, as used in Ubuntu, uses world-readable permissions for /var/log/apt/term.log, which allows local users to obtain sensitive shell information by reading the log file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
debian apt 0.9.7
debian advanced package tool 0.8.16

Debian Bug report logs - #695832 apt: CVE-2012-0961 Package: apt; Maintainer for apt is APT Development Team <deity@listsdebianorg>; Source for apt is src:apt (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Thu, 13 Dec 2012 07:54:01 UTC Severity: grave Tags: security Found in version ...

APT could expose sensitive information ...

CWE-200 http://www.ubuntu.com/usn/USN-1662-1 http://www.securityfocus.com/bid/56917 http://secunia.com/advisories/51568 http://osvdb.org/88380 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695832 https://usn.ubuntu.com/1662-1/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-0961

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect