Auth bypass in Dell Latitude_2110_netbook

CVE-2010-0834

The base-files package before 5.0.0ubuntu7.1 on Ubuntu 9.10 and before 5.0.0ubuntu20.10.04.2 on Ubuntu 10.04 LTS, as shipped on Dell Latitude 2110 netbooks, does not require authentication for package installation, which allows remote arch…

Vulnerability class: Broken Authentication

EPSS: 0.027 (84.1th percentile) — read the EPSS interpretation.

Affected products

Dell Latitude_2110_netbook
Ubuntu Ubuntu_linux — versions 10.04, 9.10
N/a — versions n/a

Weakness classification (CWE)

CWE-287 — Improper Authentication

References

security@ubuntu.com (Patch, vdb-entry, x_refsource_BID)
security@ubuntu.com (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
security@ubuntu.com (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
security@ubuntu.com (x_refsource_UBUNTU, vendor-advisory)