CVE-2012-3587

Published Jun 19, 2012
Last updated 5 years ago
CVSS info 2.6
Overview

Description: APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import keyrings, relies on GnuPG argument order and does not check GPG subkeys, which might allow remote attackers to install Trojan horse packages via a man-in-the-middle (MITM) attack.
Source: cve@mitre.org
NVD status: Analyzed
Risk scores

CVSS 2.0

Type: Primary
Base score: 2.6
Impact score: 2.9
Exploitability score: 4.9
Vector string: AV:N/AC:H/Au:N/C:N/I:P/A:N
Weaknesses

nvd@nist.gov: CWE-20
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2372DE68-69A3-44B6-A42E-1C8EA272FAC6"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F846A10-711A-42A1-A71A-FB11D4B511F0"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3E070DA8-E764-4C1B-BCDB-F15597ABE7AB"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.2-0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DCEE6BF2-3B33-41F7-84C4-626D1559FB24"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BDAAE90-9BD4-4160-89D3-162561CB30BA"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CBC7B0DD-F983-41DC-BB78-52FB53C044DB"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B832BF3E-A081-4708-8D54-C5BC827965E9"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31586872-C049-4125-B82A-FEA8B06FDF7B"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F377D69-4C1D-4D1A-96D9-B7724756CA3D"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71851F90-85E4-4250-B9FB-320A33B04B58"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.15:exp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C6356166-F4D5-4B50-94AE-7A25803FFF38"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.15:exp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D7D88AF-16B4-4C3F-AF7D-8773CB08BA01"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.15:exp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F293909-BFDB-49A2-AF03-6ADACE195204"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E138D3A7-F289-4491-A24D-4DF2F179EAAB"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19ED89FC-F907-4126-B969-625887306487"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F467E33-20AC-401C-AF1F-8F4BC0CB0C37"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "595406A6-DFD2-4E26-82C8-745E0AC0D6B6"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4ED3DB0F-E9BF-4E23-8057-AACA17475C66"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39A7A479-6225-43EA-B010-46EF4BC77E10"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9EC4CC2E-7E68-4360-8360-B0463D9B6B79"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF988A0E-A630-40DD-9387-2C1610D2F932"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "63E05BE6-9BDF-441E-873E-A4D965B3494F"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.20.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EBE7EC9A-2E4D-4A60-AC88-F390F5B3432A"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.20.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2257DAB-0A44-4841-9EF9-CBBF9BB68F40"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "47EDE750-C502-4B25-829D-D0C0F2653C19"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "189E20DE-EEFB-488A-B741-4BC80CF553B9"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.22.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96D80D63-6971-4CC7-A9A8-D9D05767F60A"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.22.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1186DDDE-FCF4-45B8-A7EA-2DAE8DA3F010"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58F88656-5BF9-4D51-9C37-26E9685484F9"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.23.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9AB74135-2BB7-42F7-99CB-AFF0B811B66A"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.7.24:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1B025168-8319-45C2-82BC-97EBD5EE563E"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58F0D8BF-F9D3-40D0-AD71-9978F2A1FD29"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.0:pre1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E82F9BF7-D4DD-4CF5-BE57-4772B7DDD5D8"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.0:pre2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F4BC141-EEEB-4D0B-A3D4-24929855B685"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CA54D7A-9296-4530-8215-6EB708DDE2B7"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04F345BE-745C-418D-BF0F-B7A5F1E3A5B7"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.10.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46799DD7-E46E-4EB2-AF13-852407384A5C"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.10.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C417AF8F-D12C-4759-B99D-C60E139B9946"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.10.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "225275E2-3E9E-48FE-A2FF-9FE37A67E550"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3EA2183D-7D9E-4841-A1C9-B843AF3A03F2"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.11.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7EAB3B8A-BDFA-4EDD-9A6D-F3CDE4977EDD"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.11.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A629D58-017D-4F27-B286-42094C727822"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.11.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9817661D-CACE-4D81-9432-2CDE5A51F4DB"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.11.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1A65066-5A1A-4091-9219-6060A662653D"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.11.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FAFCA592-F57F-4C12-A1F7-496BDFB2A4A3"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9793E4BB-5969-45DB-B9F6-29CB9C98D559"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7427F24E-D3CB-498E-8695-9FC40546CFA5"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.13.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70A8FE33-63BC-4145-A6CA-90A61CB81AC8"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.13.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08C018A3-012C-4790-9D09-36661549A6E7"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "406C6D95-53B7-4950-83C5-4C27E755F24A"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.14.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F0E56161-E80F-4EC4-9D1C-0FBCA672EEFB"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "64C1D283-9326-4A6E-9529-BA8D26A36CE1"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.15:exp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1784FE65-DAE2-4E97-96A3-9A1835040245"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.15:exp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6368BAB5-D44D-42B3-B5F7-E343E1101CDF"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.15:exp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2D3D5D9-97D1-44C6-B3BE-C9CFC1451FD6"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.15.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F5C252C-76F7-492F-AFFB-3BE2A63EE22E"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.15.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "233F5902-0AF1-4417-8C97-34C9B64C09AD"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.15.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D613D7E-4456-4F47-9F13-F5D746F8715B"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.15.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6DBD6821-E6C3-4F76-89C9-19478D8EB13A"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.15.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E7D4F82-45B9-4FC9-85C5-3F5E3966A243"
          },
          {
            "criteria": "cpe:2.3:a:debian:advanced_package_tool:0.8.15.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "475F9461-71F5-4E01-9399-E0413390A423"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
