Vulnerabilities > CVE-2018-10897

047910
CVSS 8.1 - HIGH
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
high complexity
rpm
redhat
nessus

Summary

A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected.

Nessus

  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1160.NASL
    descriptionAccording to the version of the yum-utils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files.i1/4^CVE-2018-10897i1/4%0 Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-19
    modified2019-04-09
    plugin id123846
    published2019-04-09
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123846
    titleEulerOS Virtualization 2.5.3 : yum-utils (EulerOS-SA-2019-1160)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(123846);
      script_version("1.5");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/19");
    
      script_cve_id(
        "CVE-2018-10897"
      );
    
      script_name(english:"EulerOS Virtualization 2.5.3 : yum-utils (EulerOS-SA-2019-1160)");
      script_summary(english:"Checks the rpm output for the updated package.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote EulerOS Virtualization host is missing a security update.");
      script_set_attribute(attribute:"description", value:
    "According to the version of the yum-utils package installed, the
    EulerOS Virtualization installation on the remote host is affected by
    the following vulnerability :
    
      - A directory traversal issue was found in reposync, a
        part of yum-utils, where reposync fails to sanitize
        paths in remote repository configuration files. If an
        attacker controls a repository, they may be able to
        copy files outside of the destination directory on the
        targeted system via path traversal. If reposync is
        running with heightened privileges on a targeted
        system, this flaw could potentially result in system
        compromise via the overwriting of critical system
        files.i1/4^CVE-2018-10897i1/4%0
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the EulerOS security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues.");
      # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1160
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?eed9ea55");
      script_set_attribute(attribute:"solution", value:
    "Update the affected yum-utils package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2019/04/01");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/04/09");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:yum-utils");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:2.5.3");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Huawei Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/EulerOS/release");
    if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
    uvp = get_kb_item("Host/EulerOS/uvp_version");
    if (uvp != "2.5.3") audit(AUDIT_OS_NOT, "EulerOS Virtualization 2.5.3");
    if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
    
    flag = 0;
    
    pkgs = ["yum-utils-1.1.31-42.h1"];
    
    foreach (pkg in pkgs)
      if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "yum-utils");
    }
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1415.NASL
    descriptionAccording to the version of the yum-utils packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected.(CVE-2018-10897) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id124918
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124918
    titleEulerOS Virtualization for ARM 64 3.0.1.0 : yum-utils (EulerOS-SA-2019-1415)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(124918);
      script_version("1.4");
      script_cvs_date("Date: 2020/01/17");
    
      script_cve_id(
        "CVE-2018-10897"
      );
    
      script_name(english:"EulerOS Virtualization for ARM 64 3.0.1.0 : yum-utils (EulerOS-SA-2019-1415)");
      script_summary(english:"Checks the rpm output for the updated package.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote EulerOS Virtualization for ARM 64 host is missing a security update.");
      script_set_attribute(attribute:"description", value:
    "According to the version of the yum-utils packages installed, the
    EulerOS Virtualization for ARM 64 installation on the remote host is
    affected by the following vulnerability :
    
      - A directory traversal issue was found in reposync, a
        part of yum-utils, where reposync fails to sanitize
        paths in remote repository configuration files. If an
        attacker controls a repository, they may be able to
        copy files outside of the destination directory on the
        targeted system via path traversal. If reposync is
        running with heightened privileges on a targeted
        system, this flaw could potentially result in system
        compromise via the overwriting of critical system
        files. Version 1.1.31 and older are believed to be
        affected.(CVE-2018-10897)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the EulerOS security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues.");
      # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1415
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?21ebddb7");
      script_set_attribute(attribute:"solution", value:
    "Update the affected yum-utils package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2019/05/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/14");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:yum-plugin-fastestmirror");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:yum-utils");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:3.0.1.0");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Huawei Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/EulerOS/release");
    if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
    uvp = get_kb_item("Host/EulerOS/uvp_version");
    if (uvp != "3.0.1.0") audit(AUDIT_OS_NOT, "EulerOS Virtualization 3.0.1.0");
    if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
    if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu);
    
    flag = 0;
    
    pkgs = ["yum-plugin-fastestmirror-1.1.31-46",
            "yum-utils-1.1.31-46"];
    
    foreach (pkg in pkgs)
      if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "yum-utils");
    }
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20180730_YUM_UTILS_ON_SL7_X.NASL
    descriptionSecurity Fix(es) : - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)
    last seen2020-03-18
    modified2018-08-02
    plugin id111497
    published2018-08-02
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/111497
    titleScientific Linux Security Update : yum-utils on SL7.x (noarch) (20180730)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(111497);
      script_version("1.4");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/24");
    
      script_cve_id("CVE-2018-10897");
    
      script_name(english:"Scientific Linux Security Update : yum-utils on SL7.x (noarch) (20180730)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Security Fix(es) :
    
      - yum-utils: reposync: improper path validation may lead
        to directory traversal (CVE-2018-10897)"
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1807&L=scientific-linux-errata&F=&S=&P=11881
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?17b5c2c8"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-NetworkManager-dispatcher");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-aliases");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-auto-update-debug-info");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-changelog");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-copr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-fastestmirror");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-filter-data");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-fs-snapshot");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-keys");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-list-data");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-merge-conf");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-ovl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-post-transaction-actions");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-pre-transaction-actions");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-priorities");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-protectbase");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-ps");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-remove-with-leaves");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-rpm-warm-cache");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-show-leaves");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-tmprepo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-tsflags");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-upgrade-helper");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-verify");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-plugin-versionlock");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-updateonboot");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:yum-utils");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/08/01");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/07/30");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/08/02");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 7.x", "Scientific Linux " + os_ver);
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL7", reference:"yum-NetworkManager-dispatcher-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-aliases-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-auto-update-debug-info-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-changelog-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-copr-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-fastestmirror-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-filter-data-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-fs-snapshot-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-keys-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-list-data-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-local-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-merge-conf-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-ovl-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-post-transaction-actions-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-pre-transaction-actions-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-priorities-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-protectbase-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-ps-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-remove-with-leaves-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-rpm-warm-cache-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-show-leaves-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-tmprepo-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-tsflags-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-upgrade-helper-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-verify-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-plugin-versionlock-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-updateonboot-1.1.31-46.el7_5")) flag++;
    if (rpm_check(release:"SL7", reference:"yum-utils-1.1.31-46.el7_5")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "yum-NetworkManager-dispatcher / yum-plugin-aliases / etc");
    }
    
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0133_YUM-UTILS.NASL
    descriptionThe remote NewStart CGSL host, running version MAIN 4.05, has yum-utils packages installed that are affected by a vulnerability: - A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. (CVE-2018-10897) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id127390
    published2019-08-12
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127390
    titleNewStart CGSL MAIN 4.05 : yum-utils Vulnerability (NS-SA-2019-0133)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20180730_YUM_UTILS_ON_SL6_X.NASL
    descriptionSecurity Fix(es) : - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)
    last seen2020-03-18
    modified2018-08-02
    plugin id111496
    published2018-08-02
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/111496
    titleScientific Linux Security Update : yum-utils on SL6.x (noarch) (20180730)
  • NASL familyAmazon Linux Local Security Checks
    NASL idAL2_ALAS-2018-1063.NASL
    descriptionA directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. (CVE-2018-10897)
    last seen2020-06-01
    modified2020-06-02
    plugin id112088
    published2018-08-24
    reporterThis script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/112088
    titleAmazon Linux 2 : yum-utils (ALAS-2018-1063)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2018-1327.NASL
    descriptionAccording to the version of the yum-utils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id118415
    published2018-10-26
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/118415
    titleEulerOS Virtualization 2.5.1 : yum-utils (EulerOS-SA-2018-1327)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2018-2285.NASL
    descriptionAn update for yum-utils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use. Security Fix(es) : * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id111490
    published2018-08-02
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/111490
    titleRHEL 7 : yum-utils (RHSA-2018:2285)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2018-2284.NASL
    descriptionAn update for yum-utils is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use. Security Fix(es) : * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id111614
    published2018-08-10
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/111614
    titleCentOS 6 : yum-utils (CESA-2018:2284)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1080.NASL
    descriptionAccording to the version of the yum-utils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected.(CVE-2018-10897) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id122702
    published2019-03-08
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122702
    titleEulerOS Virtualization 2.5.2 : yum-utils (EulerOS-SA-2019-1080)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-357E8E07CE.NASL
    descriptionSecurity fix for CVE-2018-10897 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2019-01-03
    plugin id120345
    published2019-01-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120345
    titleFedora 29 : yum-utils (2018-357e8e07ce)
  • NASL familyJunos Local Security Checks
    NASL idJUNIPER_SPACE_JSA10917_184R1.NASL
    descriptionAccording to its self-reported version number, the remote Junos Space version is 18.4.x prior to 18.4R1. It is, therefore, affected by multiple vulnerabilities : - An integer overflow issue exists in procps-ng. This is related to CVE-2018-1124. (CVE-2018-1126) - A directory traversal issue exits in reposync, a part of yum-utils.tory configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. (CVE-2018-10897) - An integer overflow flaw was found in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id121068
    published2019-01-10
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/121068
    titleJuniper Junos Space 18.4.x < 18.4R1 Multiple Vulnerabilities (JSA10917)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-4F0089C995.NASL
    descriptionSecurity fix for CVE-2018-10897 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2019-01-03
    plugin id120412
    published2019-01-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120412
    titleFedora 28 : yum-utils (2018-4f0089c995)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2018-1319.NASL
    descriptionAccording to the version of the yum-utils packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2018-09-27
    plugin id117762
    published2018-09-27
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/117762
    titleEulerOS 2.0 SP2 : yum-utils (EulerOS-SA-2018-1319)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2018-2285.NASL
    descriptionFrom Red Hat Security Advisory 2018:2285 : An update for yum-utils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use. Security Fix(es) : * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id111483
    published2018-08-02
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/111483
    titleOracle Linux 7 : yum-utils (ELSA-2018-2285)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2018-2626.NASL
    descriptionAn update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host
    last seen2020-06-01
    modified2020-06-02
    plugin id117323
    published2018-09-06
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/117323
    titleRHEL 7 : Virtualization (RHSA-2018:2626)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2018-2284.NASL
    descriptionFrom Red Hat Security Advisory 2018:2284 : An update for yum-utils is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use. Security Fix(es) : * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id111482
    published2018-08-02
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/111482
    titleOracle Linux 6 : yum-utils (ELSA-2018-2284)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0024_YUM-UTILS.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has yum-utils packages installed that are affected by a vulnerability: - A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. (CVE-2018-10897) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id127184
    published2019-08-12
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127184
    titleNewStart CGSL CORE 5.04 / MAIN 5.04 : yum-utils Vulnerability (NS-SA-2019-0024)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2018-1320.NASL
    descriptionAccording to the version of the yum-utils packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2018-09-27
    plugin id117763
    published2018-09-27
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/117763
    titleEulerOS 2.0 SP3 : yum-utils (EulerOS-SA-2018-1320)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2018-1349.NASL
    descriptionAccording to the version of the yum-utils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id118437
    published2018-10-26
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/118437
    titleEulerOS Virtualization 2.5.0 : yum-utils (EulerOS-SA-2018-1349)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2018-1057.NASL
    descriptionA directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files.(CVE-2018-10897)
    last seen2020-06-01
    modified2020-06-02
    plugin id111612
    published2018-08-10
    reporterThis script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/111612
    titleAmazon Linux AMI : yum-utils (ALAS-2018-1057)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-1FCCEDE810.NASL
    description**createrepo_c** - Include file timestamp in repomd.xml to allow reproducing exact metadata as produced in the past - Support of zchunk **libcomps** **librepo** - Add zchunk support **libdnf** - Enhance modular solver to handle enabled and default module streams differently (RhBug:1648839) - Add support of wild cards for modules (RhBug:1644588) - Revert commit that adds best as default behavior **dnf** - Updated difference YUM vs. DNF for yum-updateonboot - Added new command ``dnf alias [options] [list|add|delete] [<name>...]`` to allow the user to define and manage a list of aliases - Enhanced documentation - Unifying return codes for remove operations - [transaction] Make transaction content available for commands - Triggering transaction hooks if no transaction (RhBug:1650157) - Add hotfix packages to install pool (RhBug:1654738) - Report group operation in transaction table - [sack] Change algorithm to calculate rpmdb_version - Allow to enable modules that break default modules (RhBug:1648839) - Enhance documentation - API examples - Add --nobest option - Revert commit that adds best as default behavior **dnf-plugins-core** - [download] Do not download src without ``--source`` (RhBug:1666648) **dnf-plugins-extras** Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id122354
    published2019-02-21
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122354
    titleFedora 29 : createrepo_c / dnf / dnf-plugins-core / dnf-plugins-extras / etc (2019-1fccede810)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2018-2285.NASL
    descriptionAn update for yum-utils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use. Security Fix(es) : * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id111615
    published2018-08-10
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/111615
    titleCentOS 7 : yum-utils (CESA-2018:2285)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2018-2284.NASL
    descriptionAn update for yum-utils is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use. Security Fix(es) : * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id111489
    published2018-08-02
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/111489
    titleRHEL 6 : yum-utils (RHSA-2018:2284)

Redhat

advisories
  • bugzilla
    id1600221
    titleCVE-2018-10897 yum-utils: reposync: improper path validation may lead to directory traversal
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 6 is installed
        ovaloval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • commentyum-plugin-protectbase is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284001
          • commentyum-plugin-protectbase is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284002
        • AND
          • commentyum-plugin-auto-update-debug-info is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284003
          • commentyum-plugin-auto-update-debug-info is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284004
        • AND
          • commentyum-plugin-fs-snapshot is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284005
          • commentyum-plugin-fs-snapshot is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284006
        • AND
          • commentyum-updateonboot is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284007
          • commentyum-updateonboot is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284008
        • AND
          • commentyum-plugin-list-data is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284009
          • commentyum-plugin-list-data is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284010
        • AND
          • commentyum-plugin-priorities is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284011
          • commentyum-plugin-priorities is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284012
        • AND
          • commentyum-plugin-ps is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284013
          • commentyum-plugin-ps is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284014
        • AND
          • commentyum-plugin-upgrade-helper is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284015
          • commentyum-plugin-upgrade-helper is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284016
        • AND
          • commentyum-NetworkManager-dispatcher is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284017
          • commentyum-NetworkManager-dispatcher is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284018
        • AND
          • commentyum-plugin-post-transaction-actions is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284019
          • commentyum-plugin-post-transaction-actions is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284020
        • AND
          • commentyum-plugin-filter-data is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284021
          • commentyum-plugin-filter-data is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284022
        • AND
          • commentyum-plugin-remove-with-leaves is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284023
          • commentyum-plugin-remove-with-leaves is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284024
        • AND
          • commentyum-plugin-rpm-warm-cache is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284025
          • commentyum-plugin-rpm-warm-cache is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284026
        • AND
          • commentyum-plugin-keys is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284027
          • commentyum-plugin-keys is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284028
        • AND
          • commentyum-plugin-tsflags is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284029
          • commentyum-plugin-tsflags is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284030
        • AND
          • commentyum-plugin-merge-conf is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284031
          • commentyum-plugin-merge-conf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284032
        • AND
          • commentyum-plugin-local is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284033
          • commentyum-plugin-local is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284034
        • AND
          • commentyum-plugin-show-leaves is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284035
          • commentyum-plugin-show-leaves is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284036
        • AND
          • commentyum-plugin-fastestmirror is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284037
          • commentyum-plugin-fastestmirror is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284038
        • AND
          • commentyum-plugin-security is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284039
          • commentyum-plugin-security is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284040
        • AND
          • commentyum-utils is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284041
          • commentyum-utils is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284042
        • AND
          • commentyum-plugin-versionlock is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284043
          • commentyum-plugin-versionlock is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284044
        • AND
          • commentyum-plugin-aliases is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284045
          • commentyum-plugin-aliases is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284046
        • AND
          • commentyum-plugin-tmprepo is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284047
          • commentyum-plugin-tmprepo is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284048
        • AND
          • commentyum-plugin-verify is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284049
          • commentyum-plugin-verify is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284050
        • AND
          • commentyum-plugin-ovl is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284051
          • commentyum-plugin-ovl is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284052
        • AND
          • commentyum-plugin-changelog is earlier than 0:1.1.30-42.el6_10
            ovaloval:com.redhat.rhsa:tst:20182284053
          • commentyum-plugin-changelog is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284054
    rhsa
    idRHSA-2018:2284
    released2018-07-30
    severityImportant
    titleRHSA-2018:2284: yum-utils security update (Important)
  • bugzilla
    id1600221
    titleCVE-2018-10897 yum-utils: reposync: improper path validation may lead to directory traversal
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 7 is installed
        ovaloval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • commentyum-plugin-list-data is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285001
          • commentyum-plugin-list-data is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284010
        • AND
          • commentyum-plugin-show-leaves is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285003
          • commentyum-plugin-show-leaves is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284036
        • AND
          • commentyum-plugin-copr is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285005
          • commentyum-plugin-copr is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182285006
        • AND
          • commentyum-plugin-auto-update-debug-info is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285007
          • commentyum-plugin-auto-update-debug-info is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284004
        • AND
          • commentyum-updateonboot is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285009
          • commentyum-updateonboot is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284008
        • AND
          • commentyum-plugin-ps is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285011
          • commentyum-plugin-ps is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284014
        • AND
          • commentyum-plugin-upgrade-helper is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285013
          • commentyum-plugin-upgrade-helper is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284016
        • AND
          • commentyum-plugin-fastestmirror is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285015
          • commentyum-plugin-fastestmirror is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284038
        • AND
          • commentyum-plugin-remove-with-leaves is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285017
          • commentyum-plugin-remove-with-leaves is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284024
        • AND
          • commentyum-NetworkManager-dispatcher is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285019
          • commentyum-NetworkManager-dispatcher is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284018
        • AND
          • commentyum-plugin-keys is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285021
          • commentyum-plugin-keys is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284028
        • AND
          • commentyum-plugin-tsflags is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285023
          • commentyum-plugin-tsflags is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284030
        • AND
          • commentyum-plugin-post-transaction-actions is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285025
          • commentyum-plugin-post-transaction-actions is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284020
        • AND
          • commentyum-plugin-pre-transaction-actions is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285027
          • commentyum-plugin-pre-transaction-actions is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182285028
        • AND
          • commentyum-plugin-local is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285029
          • commentyum-plugin-local is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284034
        • AND
          • commentyum-plugin-protectbase is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285031
          • commentyum-plugin-protectbase is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284002
        • AND
          • commentyum-plugin-priorities is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285033
          • commentyum-plugin-priorities is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284012
        • AND
          • commentyum-plugin-merge-conf is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285035
          • commentyum-plugin-merge-conf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284032
        • AND
          • commentyum-plugin-filter-data is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285037
          • commentyum-plugin-filter-data is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284022
        • AND
          • commentyum-plugin-fs-snapshot is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285039
          • commentyum-plugin-fs-snapshot is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284006
        • AND
          • commentyum-plugin-rpm-warm-cache is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285041
          • commentyum-plugin-rpm-warm-cache is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284026
        • AND
          • commentyum-plugin-versionlock is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285043
          • commentyum-plugin-versionlock is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284044
        • AND
          • commentyum-plugin-verify is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285045
          • commentyum-plugin-verify is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284050
        • AND
          • commentyum-plugin-tmprepo is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285047
          • commentyum-plugin-tmprepo is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284048
        • AND
          • commentyum-plugin-ovl is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285049
          • commentyum-plugin-ovl is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284052
        • AND
          • commentyum-plugin-changelog is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285051
          • commentyum-plugin-changelog is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284054
        • AND
          • commentyum-utils is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285053
          • commentyum-utils is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284042
        • AND
          • commentyum-plugin-aliases is earlier than 0:1.1.31-46.el7_5
            ovaloval:com.redhat.rhsa:tst:20182285055
          • commentyum-plugin-aliases is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20182284046
    rhsa
    idRHSA-2018:2285
    released2018-07-30
    severityImportant
    titleRHSA-2018:2285: yum-utils security update (Important)
  • rhsa
    idRHSA-2018:2626
rpms
  • yum-NetworkManager-dispatcher-0:1.1.30-42.el6_10
  • yum-plugin-aliases-0:1.1.30-42.el6_10
  • yum-plugin-auto-update-debug-info-0:1.1.30-42.el6_10
  • yum-plugin-changelog-0:1.1.30-42.el6_10
  • yum-plugin-fastestmirror-0:1.1.30-42.el6_10
  • yum-plugin-filter-data-0:1.1.30-42.el6_10
  • yum-plugin-fs-snapshot-0:1.1.30-42.el6_10
  • yum-plugin-keys-0:1.1.30-42.el6_10
  • yum-plugin-list-data-0:1.1.30-42.el6_10
  • yum-plugin-local-0:1.1.30-42.el6_10
  • yum-plugin-merge-conf-0:1.1.30-42.el6_10
  • yum-plugin-ovl-0:1.1.30-42.el6_10
  • yum-plugin-post-transaction-actions-0:1.1.30-42.el6_10
  • yum-plugin-priorities-0:1.1.30-42.el6_10
  • yum-plugin-protectbase-0:1.1.30-42.el6_10
  • yum-plugin-ps-0:1.1.30-42.el6_10
  • yum-plugin-remove-with-leaves-0:1.1.30-42.el6_10
  • yum-plugin-rpm-warm-cache-0:1.1.30-42.el6_10
  • yum-plugin-security-0:1.1.30-42.el6_10
  • yum-plugin-show-leaves-0:1.1.30-42.el6_10
  • yum-plugin-tmprepo-0:1.1.30-42.el6_10
  • yum-plugin-tsflags-0:1.1.30-42.el6_10
  • yum-plugin-upgrade-helper-0:1.1.30-42.el6_10
  • yum-plugin-verify-0:1.1.30-42.el6_10
  • yum-plugin-versionlock-0:1.1.30-42.el6_10
  • yum-updateonboot-0:1.1.30-42.el6_10
  • yum-utils-0:1.1.30-42.el6_10
  • yum-NetworkManager-dispatcher-0:1.1.31-46.el7_5
  • yum-plugin-aliases-0:1.1.31-46.el7_5
  • yum-plugin-auto-update-debug-info-0:1.1.31-46.el7_5
  • yum-plugin-changelog-0:1.1.31-46.el7_5
  • yum-plugin-copr-0:1.1.31-46.el7_5
  • yum-plugin-fastestmirror-0:1.1.31-46.el7_5
  • yum-plugin-filter-data-0:1.1.31-46.el7_5
  • yum-plugin-fs-snapshot-0:1.1.31-46.el7_5
  • yum-plugin-keys-0:1.1.31-46.el7_5
  • yum-plugin-list-data-0:1.1.31-46.el7_5
  • yum-plugin-local-0:1.1.31-46.el7_5
  • yum-plugin-merge-conf-0:1.1.31-46.el7_5
  • yum-plugin-ovl-0:1.1.31-46.el7_5
  • yum-plugin-post-transaction-actions-0:1.1.31-46.el7_5
  • yum-plugin-pre-transaction-actions-0:1.1.31-46.el7_5
  • yum-plugin-priorities-0:1.1.31-46.el7_5
  • yum-plugin-protectbase-0:1.1.31-46.el7_5
  • yum-plugin-ps-0:1.1.31-46.el7_5
  • yum-plugin-remove-with-leaves-0:1.1.31-46.el7_5
  • yum-plugin-rpm-warm-cache-0:1.1.31-46.el7_5
  • yum-plugin-show-leaves-0:1.1.31-46.el7_5
  • yum-plugin-tmprepo-0:1.1.31-46.el7_5
  • yum-plugin-tsflags-0:1.1.31-46.el7_5
  • yum-plugin-upgrade-helper-0:1.1.31-46.el7_5
  • yum-plugin-verify-0:1.1.31-46.el7_5
  • yum-plugin-versionlock-0:1.1.31-46.el7_5
  • yum-updateonboot-0:1.1.31-46.el7_5
  • yum-utils-0:1.1.31-46.el7_5
  • imgbased-0:1.0.24-1.el7ev
  • python-imgbased-0:1.0.24-1.el7ev
  • redhat-release-virtualization-host-0:4.2-6.0.el7
  • redhat-virtualization-host-image-update-0:4.2-20180828.2.el7_5
  • redhat-virtualization-host-image-update-placeholder-0:4.2-6.0.el7