CVE-2011-0725

Aptdaemon 0.40 - Path Traversal via UpdateCachePartially Method

Title source: llm
STIX 2.1

Description

Absolute path traversal vulnerability in the org.debian.apt.UpdateCachePartially method in worker.py in Aptdaemon 0.40 in Ubuntu 10.10 and 11.04 allows local users to read arbitrary files via a full pathname in the sources_list argument, related to the D-Bus interface.

References (6)

Core 6
Core References
Issue Tracking x_refsource_confirm
https://bugs.launchpad.net/bugs/722228
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/46490
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0459
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/65652
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1068-1
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1025107

Scores

EPSS 0.0039
EPSS Percentile 31.1%

Details

CWE
CWE-22
Status published
Products (3)
canonical/ubuntu_linux 10.10
canonical/ubuntu_linux 11.04
sebastian_heinlein/aptdaemon 0.40
Published Feb 23, 2011
Tracked Since Feb 18, 2026