Описание
Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| apt | fixed | 1.8.0~alpha3.1 | package |
Примечания
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1812353
https://justi.cz/security/2019/01/22/apt-rce.html
Связанные уязвимости
Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.
Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.
Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.
Уязвимость в программном обеспечении apt, связанная с неправильной очисткой поля перенаправления, позволяющая нарушителю выполнить удаленный код на целевой машине