MiracleLinux 4 : yum-utils-1.1.30-42.AXS4 (AXSA:2018-3265:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3265:02 advisory. yum-utils: reposync: improper path validation may lead to directory traversal CVE-2018-10897 Tenable has extracted the preceding description block directly...

yum-utils: reposync: improper path validation may lead to directory traversal

A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path...