Vulnerability Details : CVE-2011-3152
DistUpgrade/DistUpgradeFetcherCore.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 on Ubuntu 8.04 through 11.10 does not verify the GPG signature before extracting an upgrade tarball, which allows man-in-the-middle attackers to (1) create or overwrite arbitrary files via a directory traversal attack using a crafted tar file, or (2) bypass authentication via a crafted meta-release file.
Vulnerability category: Directory traversal
Threat overview for CVE-2011-3152
Top countries where our scanners detected CVE-2011-3152
Top open port discovered on systems with this issue
8200
IPs affected by CVE-2011-3152 2,348
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2011-3152!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2011-3152
Probability of exploitation activity in the next 30 days: 0.14%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 49 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2011-3152
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.4
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:P/A:N |
10.0
|
4.9
|
NIST |
CWE ids for CVE-2011-3152
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-3152
-
https://bugs.launchpad.net/ubuntu/%2Bsource/update-manager/%2Bbug/881548
Bug #881548 “Insecure use of tarfile module PRIOR to validation ...” : Bugs : update-manager package : Ubuntu
-
http://www.securityfocus.com/bid/50833
Ubuntu Update Manager GPG Signature Verification Security Bypass Vulnerability
-
http://www.ubuntu.com/usn/USN-1284-1
USN-1284-1: Update Manager vulnerabilities | Ubuntu security noticesVendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/71494
Ubuntu Update Manager GPG security bypass CVE-2011-3152 Vulnerability Report
Products affected by CVE-2011-3152
- cpe:2.3:o:canonical:ubuntu_linux:8.04:-:lts:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*
- cpe:2.3:a:canonical:update-manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:update-manager:1\:0.134.7:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:update-manager:1\:0.142.19:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:update-manager:1\:0.150:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:update-manager:1\:0.152.25:*:*:*:*:*:*:*