CVE-2015-1330

unattended-upgrades before 0.86.1 does not properly authenticate packages when the (1) force-confold or (2) force-confnew dpkg options are enabled in the DPkg::Options::* apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors.

Weakness

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Affected Software

Name	Vendor	Start Version	End Version
Ubuntu_linux	Canonical	12.04 (including)	12.04 (including)
Ubuntu_linux	Canonical	14.04 (including)	14.04 (including)
Ubuntu_linux	Canonical	14.10 (including)	14.10 (including)
Ubuntu_linux	Canonical	15.04 (including)	15.04 (including)
Unattended-upgrades	Ubuntu	devel	*
Unattended-upgrades	Ubuntu	precise	*
Unattended-upgrades	Ubuntu	trusty	*
Unattended-upgrades	Ubuntu	utopic	*
Unattended-upgrades	Ubuntu	vivid	*
Unattended-upgrades	Ubuntu	vivid/stable-phone-overlay	*

Potential Mitigations

https://cwe.mitre.org/data/definitions/114.html
https://cwe.mitre.org/data/definitions/115.html
https://cwe.mitre.org/data/definitions/151.html
https://cwe.mitre.org/data/definitions/194.html
https://cwe.mitre.org/data/definitions/22.html
https://cwe.mitre.org/data/definitions/57.html
https://cwe.mitre.org/data/definitions/593.html
https://cwe.mitre.org/data/definitions/633.html
https://cwe.mitre.org/data/definitions/650.html
https://cwe.mitre.org/data/definitions/94.html

References

http://metadata.ftp-master.debian.org/changelogs//main/u/unattended-upgrades/unattended-upgrades_0.86.1_changelog
http://www.debian.org/security/2015/dsa-3297
http://www.securitytracker.com/id/1032738
http://www.ubuntu.com/usn/USN-2657-1

NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-1330
CWE	https://cwe.mitre.org/data/definitions/287.html

Improper Authentication

Weakness

Affected Software

Potential Mitigations

Related Attack Patterns

References