Описание
rkhunter versions before 1.4.4 are vulnerable to file download over insecure channel when doing mirror update resulting into potential remote code execution.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| rkhunter | fixed | 1.4.4-1 | package | |
| rkhunter | fixed | 1.4.2-6+deb9u1 | stretch | package |
| rkhunter | fixed | 1.4.2-0.4+deb8u1 | jessie | package |
Примечания
https://www.openwall.com/lists/oss-security/2017/06/29/2
http://rkhunter.cvs.sourceforge.net/viewvc/rkhunter/rkhunter/files/rkhunter?r1=1.549&r2=1.550&view=patch
Связанные уязвимости
rkhunter versions before 1.4.4 are vulnerable to file download over insecure channel when doing mirror update resulting into potential remote code execution.
rkhunter versions before 1.4.4 are vulnerable to file download over insecure channel when doing mirror update resulting into potential remote code execution.
rkhunter versions before 1.4.4 are vulnerable to file download over insecure channel when doing mirror update resulting into potential remote code execution.