Menu

#157 (CVE-2017-7480) VUL-0: CVE-2017-7480: rkhunter: Potential RCE after MiTM due to clear text download without signature

main
closed
John Horne
None
1
2017-07-31
2017-07-31
Sascha Manns
No

CVE-2017-7480

Download files via http and this can be used to execute code if mitm is possible.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7480
http://seclists.org/oss-sec/2017/q2/643
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7480

Discussion

  • John Horne

    John Horne - 2017-07-31

    Check the 1.4.4. changelog.

     

  • John Horne

    John Horne - 2017-07-31
    • status: open --> closed
    • assigned_to: John Horne
     

Log in to post a comment.