Vulnerabilities > CVE-2018-10897
Summary
A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected.
Vulnerable Configurations
Nessus
NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1160.NASL description According to the version of the yum-utils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files.i1/4^CVE-2018-10897i1/4%0 Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-19 modified 2019-04-09 plugin id 123846 published 2019-04-09 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123846 title EulerOS Virtualization 2.5.3 : yum-utils (EulerOS-SA-2019-1160) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(123846); script_version("1.5"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/19"); script_cve_id( "CVE-2018-10897" ); script_name(english:"EulerOS Virtualization 2.5.3 : yum-utils (EulerOS-SA-2019-1160)"); script_summary(english:"Checks the rpm output for the updated package."); script_set_attribute(attribute:"synopsis", value: "The remote EulerOS Virtualization host is missing a security update."); script_set_attribute(attribute:"description", value: "According to the version of the yum-utils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files.i1/4^CVE-2018-10897i1/4%0 Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues."); # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1160 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?eed9ea55"); script_set_attribute(attribute:"solution", value: "Update the affected yum-utils package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"patch_publication_date", value:"2019/04/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/04/09"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:yum-utils"); script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:2.5.3"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Huawei Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/EulerOS/release"); if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS"); uvp = get_kb_item("Host/EulerOS/uvp_version"); if (uvp != "2.5.3") audit(AUDIT_OS_NOT, "EulerOS Virtualization 2.5.3"); if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu); flag = 0; pkgs = ["yum-utils-1.1.31-42.h1"]; foreach (pkg in pkgs) if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "yum-utils"); }
NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1415.NASL description According to the version of the yum-utils packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected.(CVE-2018-10897) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 124918 published 2019-05-14 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124918 title EulerOS Virtualization for ARM 64 3.0.1.0 : yum-utils (EulerOS-SA-2019-1415) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(124918); script_version("1.4"); script_cvs_date("Date: 2020/01/17"); script_cve_id( "CVE-2018-10897" ); script_name(english:"EulerOS Virtualization for ARM 64 3.0.1.0 : yum-utils (EulerOS-SA-2019-1415)"); script_summary(english:"Checks the rpm output for the updated package."); script_set_attribute(attribute:"synopsis", value: "The remote EulerOS Virtualization for ARM 64 host is missing a security update."); script_set_attribute(attribute:"description", value: "According to the version of the yum-utils packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected.(CVE-2018-10897) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues."); # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1415 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?21ebddb7"); script_set_attribute(attribute:"solution", value: "Update the affected yum-utils package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"patch_publication_date", value:"2019/05/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/14"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:yum-plugin-fastestmirror"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:yum-utils"); script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:3.0.1.0"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Huawei Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/EulerOS/release"); if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS"); uvp = get_kb_item("Host/EulerOS/uvp_version"); if (uvp != "3.0.1.0") audit(AUDIT_OS_NOT, "EulerOS Virtualization 3.0.1.0"); if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu); if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu); flag = 0; pkgs = ["yum-plugin-fastestmirror-1.1.31-46", "yum-utils-1.1.31-46"]; foreach (pkg in pkgs) if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "yum-utils"); }
NASL family Scientific Linux Local Security Checks NASL id SL_20180730_YUM_UTILS_ON_SL7_X.NASL description Security Fix(es) : - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) last seen 2020-03-18 modified 2018-08-02 plugin id 111497 published 2018-08-02 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111497 title Scientific Linux Security Update : yum-utils on SL7.x (noarch) (20180730) code # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(111497); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/24"); script_cve_id("CVE-2018-10897"); script_name(english:"Scientific Linux Security Update : yum-utils on SL7.x (noarch) (20180730)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Scientific Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Security Fix(es) : - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)" ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1807&L=scientific-linux-errata&F=&S=&P=11881 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?17b5c2c8" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-NetworkManager-dispatcher"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-aliases"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-auto-update-debug-info"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-changelog"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-copr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-fastestmirror"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-filter-data"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-fs-snapshot"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-keys"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-list-data"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-merge-conf"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-ovl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-post-transaction-actions"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-pre-transaction-actions"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-priorities"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-protectbase"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-ps"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-remove-with-leaves"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-rpm-warm-cache"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-show-leaves"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-tmprepo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-tsflags"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-upgrade-helper"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-verify"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-versionlock"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-updateonboot"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-utils"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/08/01"); script_set_attribute(attribute:"patch_publication_date", value:"2018/07/30"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/08/02"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 7.x", "Scientific Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL7", reference:"yum-NetworkManager-dispatcher-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-aliases-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-auto-update-debug-info-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-changelog-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-copr-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-fastestmirror-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-filter-data-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-fs-snapshot-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-keys-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-list-data-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-local-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-merge-conf-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-ovl-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-post-transaction-actions-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-pre-transaction-actions-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-priorities-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-protectbase-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-ps-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-remove-with-leaves-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-rpm-warm-cache-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-show-leaves-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-tmprepo-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-tsflags-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-upgrade-helper-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-verify-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-plugin-versionlock-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-updateonboot-1.1.31-46.el7_5")) flag++; if (rpm_check(release:"SL7", reference:"yum-utils-1.1.31-46.el7_5")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "yum-NetworkManager-dispatcher / yum-plugin-aliases / etc"); }
NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0133_YUM-UTILS.NASL description The remote NewStart CGSL host, running version MAIN 4.05, has yum-utils packages installed that are affected by a vulnerability: - A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. (CVE-2018-10897) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 127390 published 2019-08-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127390 title NewStart CGSL MAIN 4.05 : yum-utils Vulnerability (NS-SA-2019-0133) NASL family Scientific Linux Local Security Checks NASL id SL_20180730_YUM_UTILS_ON_SL6_X.NASL description Security Fix(es) : - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) last seen 2020-03-18 modified 2018-08-02 plugin id 111496 published 2018-08-02 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111496 title Scientific Linux Security Update : yum-utils on SL6.x (noarch) (20180730) NASL family Amazon Linux Local Security Checks NASL id AL2_ALAS-2018-1063.NASL description A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. (CVE-2018-10897) last seen 2020-06-01 modified 2020-06-02 plugin id 112088 published 2018-08-24 reporter This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/112088 title Amazon Linux 2 : yum-utils (ALAS-2018-1063) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2018-1327.NASL description According to the version of the yum-utils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 118415 published 2018-10-26 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118415 title EulerOS Virtualization 2.5.1 : yum-utils (EulerOS-SA-2018-1327) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-2285.NASL description An update for yum-utils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use. Security Fix(es) : * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 111490 published 2018-08-02 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111490 title RHEL 7 : yum-utils (RHSA-2018:2285) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2018-2284.NASL description An update for yum-utils is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use. Security Fix(es) : * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 111614 published 2018-08-10 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111614 title CentOS 6 : yum-utils (CESA-2018:2284) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1080.NASL description According to the version of the yum-utils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected.(CVE-2018-10897) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 122702 published 2019-03-08 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/122702 title EulerOS Virtualization 2.5.2 : yum-utils (EulerOS-SA-2019-1080) NASL family Fedora Local Security Checks NASL id FEDORA_2018-357E8E07CE.NASL description Security fix for CVE-2018-10897 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2019-01-03 plugin id 120345 published 2019-01-03 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120345 title Fedora 29 : yum-utils (2018-357e8e07ce) NASL family Junos Local Security Checks NASL id JUNIPER_SPACE_JSA10917_184R1.NASL description According to its self-reported version number, the remote Junos Space version is 18.4.x prior to 18.4R1. It is, therefore, affected by multiple vulnerabilities : - An integer overflow issue exists in procps-ng. This is related to CVE-2018-1124. (CVE-2018-1126) - A directory traversal issue exits in reposync, a part of yum-utils.tory configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. (CVE-2018-10897) - An integer overflow flaw was found in the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 121068 published 2019-01-10 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121068 title Juniper Junos Space 18.4.x < 18.4R1 Multiple Vulnerabilities (JSA10917) NASL family Fedora Local Security Checks NASL id FEDORA_2018-4F0089C995.NASL description Security fix for CVE-2018-10897 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2019-01-03 plugin id 120412 published 2019-01-03 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120412 title Fedora 28 : yum-utils (2018-4f0089c995) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2018-1319.NASL description According to the version of the yum-utils packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2018-09-27 plugin id 117762 published 2018-09-27 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/117762 title EulerOS 2.0 SP2 : yum-utils (EulerOS-SA-2018-1319) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2018-2285.NASL description From Red Hat Security Advisory 2018:2285 : An update for yum-utils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use. Security Fix(es) : * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 111483 published 2018-08-02 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111483 title Oracle Linux 7 : yum-utils (ELSA-2018-2285) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-2626.NASL description An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host last seen 2020-06-01 modified 2020-06-02 plugin id 117323 published 2018-09-06 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/117323 title RHEL 7 : Virtualization (RHSA-2018:2626) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2018-2284.NASL description From Red Hat Security Advisory 2018:2284 : An update for yum-utils is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use. Security Fix(es) : * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 111482 published 2018-08-02 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111482 title Oracle Linux 6 : yum-utils (ELSA-2018-2284) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0024_YUM-UTILS.NASL description The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has yum-utils packages installed that are affected by a vulnerability: - A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. (CVE-2018-10897) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 127184 published 2019-08-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127184 title NewStart CGSL CORE 5.04 / MAIN 5.04 : yum-utils Vulnerability (NS-SA-2019-0024) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2018-1320.NASL description According to the version of the yum-utils packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2018-09-27 plugin id 117763 published 2018-09-27 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/117763 title EulerOS 2.0 SP3 : yum-utils (EulerOS-SA-2018-1320) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2018-1349.NASL description According to the version of the yum-utils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 118437 published 2018-10-26 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118437 title EulerOS Virtualization 2.5.0 : yum-utils (EulerOS-SA-2018-1349) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2018-1057.NASL description A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files.(CVE-2018-10897) last seen 2020-06-01 modified 2020-06-02 plugin id 111612 published 2018-08-10 reporter This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111612 title Amazon Linux AMI : yum-utils (ALAS-2018-1057) NASL family Fedora Local Security Checks NASL id FEDORA_2019-1FCCEDE810.NASL description **createrepo_c** - Include file timestamp in repomd.xml to allow reproducing exact metadata as produced in the past - Support of zchunk **libcomps** **librepo** - Add zchunk support **libdnf** - Enhance modular solver to handle enabled and default module streams differently (RhBug:1648839) - Add support of wild cards for modules (RhBug:1644588) - Revert commit that adds best as default behavior **dnf** - Updated difference YUM vs. DNF for yum-updateonboot - Added new command ``dnf alias [options] [list|add|delete] [<name>...]`` to allow the user to define and manage a list of aliases - Enhanced documentation - Unifying return codes for remove operations - [transaction] Make transaction content available for commands - Triggering transaction hooks if no transaction (RhBug:1650157) - Add hotfix packages to install pool (RhBug:1654738) - Report group operation in transaction table - [sack] Change algorithm to calculate rpmdb_version - Allow to enable modules that break default modules (RhBug:1648839) - Enhance documentation - API examples - Add --nobest option - Revert commit that adds best as default behavior **dnf-plugins-core** - [download] Do not download src without ``--source`` (RhBug:1666648) **dnf-plugins-extras** Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 122354 published 2019-02-21 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/122354 title Fedora 29 : createrepo_c / dnf / dnf-plugins-core / dnf-plugins-extras / etc (2019-1fccede810) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2018-2285.NASL description An update for yum-utils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use. Security Fix(es) : * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 111615 published 2018-08-10 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111615 title CentOS 7 : yum-utils (CESA-2018:2285) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-2284.NASL description An update for yum-utils is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use. Security Fix(es) : * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 111489 published 2018-08-02 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111489 title RHEL 6 : yum-utils (RHSA-2018:2284)
Redhat
advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
rpms |
|
References
- http://www.securitytracker.com/id/1041594
- http://www.securitytracker.com/id/1041594
- https://access.redhat.com/errata/RHSA-2018:2284
- https://access.redhat.com/errata/RHSA-2018:2284
- https://access.redhat.com/errata/RHSA-2018:2285
- https://access.redhat.com/errata/RHSA-2018:2285
- https://access.redhat.com/errata/RHSA-2018:2626
- https://access.redhat.com/errata/RHSA-2018:2626
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10897
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10897
- https://github.com/rpm-software-management/yum-utils/commit/6a8de061f8fdc885e74ebe8c94625bf53643b71c
- https://github.com/rpm-software-management/yum-utils/commit/6a8de061f8fdc885e74ebe8c94625bf53643b71c
- https://github.com/rpm-software-management/yum-utils/commit/7554c0133eb830a71dc01846037cc047d0acbc2c
- https://github.com/rpm-software-management/yum-utils/commit/7554c0133eb830a71dc01846037cc047d0acbc2c
- https://github.com/rpm-software-management/yum-utils/pull/43
- https://github.com/rpm-software-management/yum-utils/pull/43
- https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
- https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0