Candidate: CVE-2014-2029
PublicDate: 2017-09-29 01:34:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2029
 http://www.openwall.com/lists/oss-security/2014/02/18/4
 https://bugs.launchpad.net/percona-toolkit/+bug/1279502
Description:
 The automatic version check functionality in the tools in Percona Toolkit
 2.1 allows man-in-the-middle attackers to obtain sensitive information or
 execute arbitrary code by leveraging use of HTTP to download configuration
 information from v.percona.com.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H [8.1 HIGH]

Patches_percona-toolkit:
upstream_percona-toolkit: released (2.2.7)
lucid_percona-toolkit: DNE
precise_percona-toolkit: not-affected (1.0.1-3)
quantal_percona-toolkit: ignored (reached end-of-life)
saucy_percona-toolkit: ignored (reached end-of-life)
trusty_percona-toolkit: not-affected (2.2.7-1~dfsg1)
trusty/esm_percona-toolkit: DNE (trusty was not-affected [2.2.7-1~dfsg1])
devel_percona-toolkit: not-affected (2.2.7-1~dfsg1)