CVE-2011-3634 : methods/https.cc in apt before 0.8.11 accepts connections when the certificate h

methods/https.cc in apt before 0.8.11 accepts connections when the certificate host name fails validation and Verify-Host is enabled, which allows man-in-the-middle attackers to obtain repository credentials via unspecified vectors.

Published 2014-03-01 00:55:05

Updated 2025-04-12 10:46:41

Source Red Hat, Inc.

View at NVD, CVE.org

Products affected by CVE-2011-3634

Debian » Advanced Package Tool
Versions up to, including, (<=) 0.8.10.3
cpe:2.3:a:debian:advanced_package_tool:*:*:*:*:*:*:*:*
Matching versions
Debian » Advanced Package Tool » Version: 0.8.10.2
cpe:2.3:a:debian:advanced_package_tool:0.8.10.2:*:*:*:*:*:*:*
Matching versions
Debian » Advanced Package Tool » Version: 0.8.10
cpe:2.3:a:debian:advanced_package_tool:0.8.10:*:*:*:*:*:*:*
Matching versions
Debian » Advanced Package Tool » Version: 0.8.0 Update Pre2
cpe:2.3:a:debian:advanced_package_tool:0.8.0:pre2:*:*:*:*:*:*
Matching versions
Debian » Advanced Package Tool » Version: 0.8.0 Update Pre1
cpe:2.3:a:debian:advanced_package_tool:0.8.0:pre1:*:*:*:*:*:*
Matching versions
Debian » Advanced Package Tool » Version: 0.8.0
cpe:2.3:a:debian:advanced_package_tool:0.8.0:*:*:*:*:*:*:*
Matching versions
Debian » Advanced Package Tool » Version: 0.8.10.1
cpe:2.3:a:debian:advanced_package_tool:0.8.10.1:*:*:*:*:*:*:*
Matching versions
Debian » Advanced Package Tool » Version: 0.8.1
cpe:2.3:a:debian:advanced_package_tool:0.8.1:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 8.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:8.04:-:lts:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 10.10
cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 11.04
cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 10.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*
Matching versions

Threat overview for CVE-2011-3634

Top countries where our scanners detected CVE-2011-3634

Top open port discovered on systems with this issue 8200

IPs affected by CVE-2011-3634 2,320

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2011-3634!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2011-3634

EPSS FAQ

0.16%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 34 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2011-3634

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
2.6	LOW	AV:N/AC:H/Au:N/C:P/I:N/A:N	4.9	2.9	NIST
Access Vector: Network Access Complexity: High Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

CWE ids for CVE-2011-3634

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2011-3634

https://bugs.launchpad.net/ubuntu/+source/apt/+bug/868353

Bug #868353 “in apt-https Verify-Peer does not fail a connection...” : Bugs : apt package : Ubuntu
https://alioth.debian.org/plugins/scmgit/cgi-bin/gitweb.cgi?p=apt/apt.git%3Ba=blob%3Bf=debian/changelog%3Bhb=HEAD
http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3634.html

CVE-2011-3634 in Ubuntu
http://www.ubuntu.com/usn/USN-1283-1

USN-1283-1: APT vulnerability | Ubuntu security notices