Mirror poisoning

Definition

Mirror poisoning is a security vulnerability in which an attacker manipulates a software repository mirror so that it distributes malicious packages. It becomes possible when the mirror itself is not properly secured, or when clients do not verify the integrity of the packages they download against a key held by the upstream publisher rather than by the mirror. The attacker injects malicious code into packages served by the mirror; unsuspecting users then download and execute them, potentially leading to unauthorized access or data breaches.

Secure Settings Example

# Example of a secure package manager configuration using GPG verification.
# Packages and the signed index may come from any mirror; the signing key must
# be obtained from the upstream publisher over a trusted channel and pinned,
# since a compromised mirror can serve a key that matches its own tampered packages.
apt:
  sources:
    - deb http://mirror.example.com/ubuntu focal main
  key:
    url: https://mirror.example.com/ubuntu/KEY.gpg
    verify: true

Insecure Settings Example

# Example of an insecure package manager configuration without verification.
# With verification disabled, whatever the mirror serves is installed as-is,
# so a tampered package or rewritten index is never detected.
apt:
  sources:
    - deb http://mirror.example.com/ubuntu focal main
  key:
    verify: false
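The following added example (not part of the original page, and not the code of any real package manager) shows why the secure setting above defeats mirror poisoning: the publisher signs a hash index of its packages with an Ed25519 key, and the client, holding only the publisher's pinned public key, rejects both a swapped package and an index the mirror rewrote to match it. The package names and bytes are constructed; Ed25519 stands in for the GPG signature on an apt Release file.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"sort"
	"strings"
)

// digest returns the hex SHA-256 of a package's bytes.
func digest(data []byte) string { s := sha256.Sum256(data); return hex.EncodeToString(s[:]) }

// Publish runs upstream, not on the mirror: it builds an index of "name sha256" lines
// (the role of an apt Release file) and signs it with the publisher's private key.
func Publish(priv ed25519.PrivateKey, pkgs map[string][]byte) (index, sig []byte) {
	var lines []string
	for name, data := range pkgs {
		lines = append(lines, name+" "+digest(data))
	}
	sort.Strings(lines) // deterministic serialisation so the signed bytes are reproducible
	index = []byte(strings.Join(lines, "\n"))
	return index, ed25519.Sign(priv, index)
}

// Install runs on the client, which holds only the publisher's pinned public key;
// index, signature and package all arrive from the mirror and are treated as untrusted.
func Install(pub ed25519.PublicKey, index, sig []byte, name string, data []byte) error {
	if !ed25519.Verify(pub, index, sig) {
		return fmt.Errorf("index signature invalid: mirror served a rewritten index")
	}
	for _, line := range strings.Split(string(index), "\n") {
		if f := strings.Fields(line); len(f) == 2 && f[0] == name {
			if digest(data) != f[1] {
				return fmt.Errorf("%s: hash mismatch, mirror served a tampered package", name)
			}
			return nil
		}
	}
	return fmt.Errorf("%s: not listed in signed index", name)
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	genuine := []byte("constructed genuine package bytes")
	index, sig := Publish(priv, map[string][]byte{"libfoo_1.0.deb": genuine})
	fmt.Println("genuine:", Install(pub, index, sig, "libfoo_1.0.deb", genuine))
	swapped := []byte("constructed tampered package bytes")
	fmt.Println("swapped package:", Install(pub, index, sig, "libfoo_1.0.deb", swapped))
	// A mirror that rewrites the index to match its package cannot sign it with the pinned key.
	forged := []byte("libfoo_1.0.deb " + digest(swapped))
	fmt.Println("rewritten index:", Install(pub, forged, sig, "libfoo_1.0.deb", swapped))
}
```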