Summary
Guillem Jover discovered that the changelog retrieval functionality in apt-get used temporary files in an insecure way, allowing a local user to cause arbitrary files to be overwritten.
This vulnerability is neutralized by the fs.protected_symlinks setting in the Linux kernel, which is enabled by default in Debian 7 Wheezy and up.
Solution
For the stable distribution (wheezy), this problem has been fixed in version 0.9.7.9+deb7u6.
For the unstable distribution (sid), this problem has been fixed in version 1.0.9.2.
We recommend that you upgrade your apt packages.
Insight
This package provides commandline tools for searching and managing as well as querying information about packages as a low-level access to all features of the libapt-pkg library.
Affected
apt on Debian Linux
Detection
This check tests the installed software version using the apt package manager.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2014-7206 -
CVSS Base Score: 3.6
AV:L/AC:L/Au:N/C:N/I:P/A:P
Related Vulnerabilities