CVE-2009-1358

apt-get in apt before 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when it has been signed with a key that has been revoked or expired, which might allow remote attackers to trick apt into installing malicious repositories.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:debian:advanced_package_tool:*:*:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.2-0.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.10:*:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.11:*:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.12:*:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.13:*:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.14:*:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.15:*:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.15:exp1:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.15:exp2:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.15:exp3:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.16:*:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.17:*:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp1:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp2:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp3:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp4:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.18:*:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.19:*:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.20.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.20.2:*:*:*:*:*:*:*
cpe:2.3:a:debian:advanced_package_tool:0.7.21:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.0.2:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.0.3:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.0.4:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.0.5:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.0.6:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.0.7:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.0.8:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.0.9:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.0.10:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.0.11:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.0.12:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.0.13:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.0.13-bo1:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.0.14:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.0.15:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.0.15-0.1bo:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.0.15-0.2bo:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.0.16-1:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.0.17-1:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.1.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.1.3:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.1.5:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.1.6:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.1.7:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.1.9:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.3.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.3.2:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.3.3:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.3.4:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.3.6:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.3.7:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.3.9:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.3.11:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.3.12:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.3.13:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.3.14:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.3.15:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.3.16:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.3.17:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.3.18:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.3.19:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.2:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.3:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.4:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.5:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.5.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.6:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.7:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.8:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.9:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.10:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.11:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.12:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.13:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.14:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.15:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.16:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.17:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.18:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.19:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.20:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.21:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.22:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.23:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.24:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.25:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.26:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.27:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.28:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.29:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.30:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.30:ubuntu1:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.30:ubuntu2:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.31:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.5.32:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.2:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.3:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.4:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.5:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.6:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.7:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.8:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.9:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.10:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.11:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.12:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.13:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.14:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.15:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.16:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.17:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.18:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.19:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.20:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.21:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.22:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.23:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.24:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.25:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.27:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.27:ubuntu1:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.27:ubuntu2:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.27:ubuntu3:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.27:ubuntu4:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.28:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.29:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.30:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.31:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.32:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.33:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.34:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.35:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.36:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.36:ubuntu1:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.37:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.38:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.39:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.40:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.40.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.41:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.42:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.42.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.42.2:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.42.3:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.43:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.43.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.43.2:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.43.3:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.44:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.44.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.44.1-0.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.44.2:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.44.2:exp1:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.45:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.46:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.46.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.46.2:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.46.3:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.46.3-0.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.46.3-0.2:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.6.46.4-0.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.7.3:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.7.4:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.7.5:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.7.6:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.7.7:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.7.8:*:*:*:*:*:*:*
cpe:2.3:a:debian:apt:0.7.9:*:*:*:*:*:*:*

History

21 Nov 2024, 01:02

Type Values Removed Values Added
References () http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=433091 - () http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=433091 -
References () http://secunia.com/advisories/34829 - () http://secunia.com/advisories/34829 -
References () http://secunia.com/advisories/34832 - () http://secunia.com/advisories/34832 -
References () http://secunia.com/advisories/34874 - () http://secunia.com/advisories/34874 -
References () http://www.debian.org/security/2009/dsa-1779 - () http://www.debian.org/security/2009/dsa-1779 -
References () http://www.securityfocus.com/bid/34630 - () http://www.securityfocus.com/bid/34630 -
References () https://bugs.launchpad.net/ubuntu/+source/apt/+bug/356012 - () https://bugs.launchpad.net/ubuntu/+source/apt/+bug/356012 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/50086 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/50086 -
References () https://usn.ubuntu.com/762-1/ - () https://usn.ubuntu.com/762-1/ -

Information

Published : 2009-04-21 23:30

Updated : 2024-11-21 01:02


NVD link : CVE-2009-1358

Mitre link : CVE-2009-1358

CVE.ORG link : CVE-2009-1358


JSON object : View

Products Affected

debian

  • advanced_package_tool
  • apt