ArchLinuxASA-201707-24[ASA-201707-24] rkhunter: arbitrary code execution
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.016 Low
EPSS
Percentile
87.5%
Arch Linux Security Advisory ASA-201707-24
Severity: High
Date : 2017-07-18
CVE-ID : CVE-2017-7480
Package : rkhunter
Type : arbitrary code execution
Remote : Yes
Link : https://security.archlinux.org/AVG-334
Summary
The package rkhunter before version 1.4.4-1 is vulnerable to arbitrary
code execution.
Resolution
Upgrade to 1.4.4-1.
pacman -Syu “rkhunter>=1.4.4-1”
The problem has been fixed upstream in version 1.4.4.
Workaround
None.
Description
rkhunter downloads updates over a plain HTTP link with a version
certificate that can be faked. A potential man-in-the-middle attack can
lead to the execution of arbitrary code.
Impact
A remote attacker in position of man-in-the-middle is able to execute
arbitrary code by injecting a malicious update.
References
http://openwall.com/lists/oss-security/2017/06/29/2
https://security.archlinux.org/CVE-2017-7480
Related
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.016 Low
EPSS
Percentile
87.5%