CVE-2011-4407
CVE-2011-4407
ppa.py in Software Properties before 0.81.13.3 does not validate the server certificate when downloading PPA GPG key fingerprints, which allows man-in-the-middle (MITM) attackers to spoof GPG keys for a package repository.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →