Описание
Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.
Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-3462
- https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E
- https://lists.debian.org/debian-lts-announce/2019/01/msg00013.html
- https://lists.debian.org/debian-lts-announce/2019/01/msg00014.html
- https://security.netapp.com/advisory/ntap-20190125-0002
- https://usn.ubuntu.com/3863-1
- https://usn.ubuntu.com/3863-2
- https://www.debian.org/security/2019/dsa-4371
- http://www.securityfocus.com/bid/106690
Связанные уязвимости
Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.
Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.
Incorrect sanitation of the 302 redirect field in HTTP transport metho ...
Уязвимость в программном обеспечении apt, связанная с неправильной очисткой поля перенаправления, позволяющая нарушителю выполнить удаленный код на целевой машине