5.5
CVSSv3

CVE-2015-1323

CVSSv4: NA | CVSSv3: 5.5 | CVSSv2: 4.9 | VMScore: 650 | EPSS: 0.00042 | KEV: Not Included
Published: 21/07/2017 Updated: 21/11/2024

Vulnerability Summary

The simulate dbus method in aptdaemon prior to 1.1.1+bzr982-0ubuntu3.1 as packaged in Ubuntu 15.04, prior to 1.1.1+bzr980-0ubuntu1.1 as packaged in Ubuntu 14.10, prior to 1.1.1-1ubuntu5.2 as packaged in Ubuntu 14.04 LTS, prior to 0.43+bzr805-0ubuntu10 as packaged in Ubuntu 12.04 LTS allows local users to obtain sensitive information, or access files with root permissions.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

canonical ubuntu linux 12.04

canonical ubuntu linux 14.04

canonical ubuntu linux 14.10

canonical ubuntu linux 15.04

Vendor Advisories

Aptdaemon could be made to expose sensitive information, or allow file access as the administrator ...
Debian Bug report logs - #789162 aptdaemon: CVE-2015-1323: information disclosure via simulate dbus method Package: src:aptdaemon; Maintainer for src:aptdaemon is Julian Andres Klode <jak@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 18 Jun 2015 12:36:02 UTC Severity: grave Tags: jessi ...

Exploits

aptdaemon versions prior to 111 suffer from a file existence disclosure vulnerability ...