CVE-2012-5356

Published Oct 10, 2012
Last updated 3 months ago
CVSS info 5.8
Overview

Description: The apt-add-repository tool in Ubuntu Software Properties 0.75.x before 0.75.10.3, 0.80.x before 0.80.9.2, 0.81.x before 0.81.13.5, 0.82.x before 0.82.7.3, and 0.92.x before 0.92.8 does not properly check PPA GPG keys imported from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle (MITM) attack.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 5.8
Impact score: 4.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-20
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.75.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "184F2D0B-3DF4-4867-9E2A-0DC811B46EBF"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.75.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AFE15797-562D-47C8-8D69-65FC90FB948B"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.75.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A97DA7A-B187-4215-84AD-3A318FDA5AB8"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.75.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DD55026D-31A1-4263-BD75-35CFD57B489B"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.75.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6F55FBD-D960-40DB-9B35-59BD01A8F577"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.75.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "17D82146-84C0-4ACB-9EB0-A9080C77D01E"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.75.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "555296EA-799C-4C74-9C1E-951B2A4312B1"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.75.10.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13B0E0DC-E93E-4713-B021-FFECA62619AE"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.75.10.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB2E775F-157E-432C-8B69-FAABBE55879D"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.80:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6797994-29C8-4805-81B0-559BB55EBC77"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.80.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "966039CD-F163-4235-8E6F-B305A3A9099A"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.80.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A4B1C439-E7EB-4DAD-86FA-F644D4CED229"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.80.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A886803-A0D4-4A18-B90E-651B8063B1B3"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.80.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5F42DEC-9473-4652-B8D3-A571E46C0136"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.80.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B211FDB5-20DE-41B4-BF79-F0811DF62F9C"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.80.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D12A2FA-3D5D-4152-B939-C5D090BA371E"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.80.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6458D6AD-90B9-4F13-8270-48A47EB2EAA7"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.80.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F936FFDF-CD21-46A6-B42E-C0E536CD3A9D"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.80.9.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88A902AF-FB25-4B10-BF6F-46DCC2FB060C"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A58F01C3-81C2-47DC-A66F-888E45158895"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BAC62A53-C315-4516-892F-F0CF7C598E49"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E72FD830-954B-4F14-9B59-86121269C392"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E0203EF-7FD9-4D97-AC33-6977A38495C5"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "836B0B0F-EA7B-4252-B0B2-8ABBEB1BACD3"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EEA06505-8088-443F-8A16-03B5B7459E05"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C9DF802-D20B-4EFD-9397-67FC25B2317B"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E201F029-ED85-483F-A194-A65365D02156"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D4EEE0C-BC05-42CC-A2BD-2CC238A344DF"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13FC087F-1AA1-45DC-978F-B066CA99F7B0"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0303AA5C-C83F-4D3E-A545-A438FF24C18E"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BEF14135-0B89-4428-9D91-4C097E6F5497"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8047C0DE-D3B9-425B-8577-DDA870814B33"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.13.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FDA5D81E-5195-41D7-AAE1-79AE77C167A5"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.13.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7CA5A01-94AD-46E5-BDC0-E1984D644CB4"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.13.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5911C646-504F-4347-B3C4-7CAA352891D2"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.13.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8196D7D1-C25C-4506-9A77-0BD547164450"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.82:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F5CE606-E5CE-475A-8334-48017B2EF899"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.82.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ABB71F54-4B83-454E-A7BF-9A52B216FBB2"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.82.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8F01FF0-F862-4823-B7EC-4138A69047B1"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.82.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4AD8700D-3EE2-4BA9-8C99-D871F98B26A9"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.82.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F73A0D7-2AA2-4F18-BB68-4B39DE951FAE"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.82.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A4DC8A9E-2C1D-404B-BBF6-E5CE7A5204D0"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.82.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ADC6A6AA-C090-4816-8AA3-A95C036FC203"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.82.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DCE0CFE0-6F72-4C6E-B55C-A5931D2C4142"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.82.7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E22A4E5-3CB2-49DB-BD12-764D00A6C379"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.92:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CCECD13-39EE-4AB4-AC40-3963FD8B80B2"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.92.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "910B4E1F-1746-4902-BF42-1FCC2CA7E89D"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.92.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4DF85285-18BE-48D4-9A79-5999424DA5A0"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.92.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "11743C71-8DEC-41F1-9E9F-A1C0323EF4C5"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.92.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "541975D2-A4B9-44ED-AE37-FE525E5C2A94"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.92.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DCB55949-1DF4-4A4E-88B8-FBF78744D8A1"
          },
          {
            "criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.92.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C77BCD4-680F-4D6D-9B4B-523BBFC68930"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
