rkhunter versions before 1.4.4 are vulnerable to file download over insecure channel when doing mirror update resulting into potential remote code execution.
References
Link | Resource |
---|---|
http://seclists.org/oss-sec/2017/q2/643 | Mailing List Third Party Advisory |
https://security.gentoo.org/glsa/201805-11 | Third Party Advisory |
http://seclists.org/oss-sec/2017/q2/643 | Mailing List Third Party Advisory |
https://security.gentoo.org/glsa/201805-11 | Third Party Advisory |
Configurations
History
21 Nov 2024, 03:31
Type | Values Removed | Values Added |
---|---|---|
References | () http://seclists.org/oss-sec/2017/q2/643 - Mailing List, Third Party Advisory | |
References | () https://security.gentoo.org/glsa/201805-11 - Third Party Advisory |
Information
Published : 2017-07-21 22:29
Updated : 2024-11-21 03:31
NVD link : CVE-2017-7480
Mitre link : CVE-2017-7480
CVE.ORG link : CVE-2017-7480
JSON object : View
Products Affected
rootkit_hunter_project
- rootkit_hunter