Unrated severityNVD Advisory· Published Jun 4, 2012· Updated Apr 29, 2026

CVE-2012-0944

Description

Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does not authenticate packages when the transaction is not simulated, which allows remote attackers to install arbitrary packages via a man-in-the-middle attack.

Affected products

Sebastian Heinlein/Aptdaemon9 versions
cpe:2.3:a:sebastian_heinlein:aptdaemon:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:sebastian_heinlein:aptdaemon:*:*:*:*:*:*:*:*range: <=0.42
- cpe:2.3:a:sebastian_heinlein:aptdaemon:0.20:*:*:*:*:*:*:*
- cpe:2.3:a:sebastian_heinlein:aptdaemon:0.30:*:*:*:*:*:*:*
- cpe:2.3:a:sebastian_heinlein:aptdaemon:0.31:*:*:*:*:*:*:*
- cpe:2.3:a:sebastian_heinlein:aptdaemon:0.32:*:*:*:*:*:*:*
- cpe:2.3:a:sebastian_heinlein:aptdaemon:0.33:*:*:*:*:*:*:*
- cpe:2.3:a:sebastian_heinlein:aptdaemon:0.34:*:*:*:*:*:*:*
- cpe:2.3:a:sebastian_heinlein:aptdaemon:0.40:*:*:*:*:*:*:*
- cpe:2.3:a:sebastian_heinlein:aptdaemon:0.41:*:*:*:*:*:*:*
Canonical/Ubuntu Linux3 versions
cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:lts:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/48688nvdVendor Advisory
ubuntu.com/usn/usn-1414-1nvd
www.osvdb.org/80887nvd
www.securityfocus.com/bid/52855nvd
bugs.launchpad.net/ubuntu/%2Bsource/aptdaemon/%2Bbug/959131nvd
exchange.xforce.ibmcloud.com/vulnerabilities/74553nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000