CVE-2018-10897

HIGH

Description

A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Versions 1.1.31 and older are believed to be affected.
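The defensive check this class of bug calls for, as an added example in Python (the language yum-utils is written in); it is not code from the page or from the yum-utils project, and the function names, the destination directory and the sample hrefs are all constructed for illustration. It contrasts the unsanitized join with a containment check that rejects absolute hrefs and any '..' component before a file from repository metadata is written under the sync directory.

```python
import os
import posixpath


def unsafe_local_path(dest_dir: str, location: str) -> str:
    """Vulnerable pattern: join the repo-supplied href as-is.

    os.path.join discards dest_dir when location is absolute, and '..'
    components walk out of it. Repository metadata is untrusted input."""
    return os.path.join(dest_dir, location)


def safe_local_path(dest_dir: str, location: str) -> str:
    """Return an absolute path guaranteed to lie inside dest_dir.

    Raises ValueError for empty, absolute, NUL/backslash-bearing hrefs,
    for any '..' component, and for anything that still normalises to a
    path outside dest_dir. Lexical check only: symlinks already present
    under dest_dir need a realpath-based check on top of this."""
    if not location or "\x00" in location or "\\" in location:
        raise ValueError("malformed href: %r" % location)
    if posixpath.isabs(location) or ".." in location.split("/"):
        raise ValueError("traversal attempt in href: %r" % location)
    dest = os.path.normpath(os.path.abspath(dest_dir))
    candidate = os.path.normpath(os.path.join(dest, location))
    # Defence in depth: verify containment even after the filters above.
    if os.path.commonpath([dest, candidate]) != dest:
        raise ValueError("href escapes destination: %r" % location)
    return candidate


def plan_sync(dest_dir: str, hrefs):
    """Split repo-supplied hrefs into (accepted_paths, rejected_hrefs)."""
    accepted, rejected = [], []
    for href in hrefs:
        try:
            accepted.append(safe_local_path(dest_dir, href))
        except ValueError:
            rejected.append(href)
    return accepted, rejected


# Constructed sample of <location href="..."> values as a hostile
# repository's package metadata might present them (not from the page).
SAMPLE_HREFS = [
    "Packages/foo-1.0-1.noarch.rpm",
    "Packages/a/../foo-1.0-1.noarch.rpm",
    "../../outside.rpm",
    "/tmp/absolute.rpm",
    "Packages/..\\..\\win.rpm",
]

if __name__ == "__main__":
    print("unsafe:", unsafe_local_path("/var/mirror/base", "../../outside.rpm"))
    print("plan:", plan_sync("/var/mirror/base", SAMPLE_HREFS))
```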

References

http://www.securitytracker.com/id/1041594

https://access.redhat.com/errata/RHSA-2018:2284

https://access.redhat.com/errata/RHSA-2018:2285

https://access.redhat.com/errata/RHSA-2018:2626

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10897

https://github.com/rpm-software-management/yum-utils/commit/6a8de061f8fdc885e74ebe8c94625bf53643b71c

https://github.com/rpm-software-management/yum-utils/commit/7554c0133eb830a71dc01846037cc047d0acbc2c

https://github.com/rpm-software-management/yum-utils/pull/43

https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0

Details

Source: MITRE

Published: 2018-08-01

Updated: 2018-11-30

Type: CWE-22

Risk Information

CVSS v2.0

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

CVSS v3.0

Base Score: 8.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 2.2

Severity: HIGH

Tenable Plugins

24 total

ID | Name | Product | Family | Severity
127390 | NewStart CGSL MAIN 4.05 : yum-utils Vulnerability (NS-SA-2019-0133) | Nessus | NewStart CGSL Local Security Checks | high
127184 | NewStart CGSL CORE 5.04 / MAIN 5.04 : yum-utils Vulnerability (NS-SA-2019-0024) | Nessus | NewStart CGSL Local Security Checks | high
124918 | EulerOS Virtualization for ARM 64 3.0.1.0 : yum-utils (EulerOS-SA-2019-1415) | Nessus | Huawei Local Security Checks | high
123846 | EulerOS Virtualization 2.5.3 : yum-utils (EulerOS-SA-2019-1160) | Nessus | Huawei Local Security Checks | high
122702 | EulerOS Virtualization 2.5.2 : yum-utils (EulerOS-SA-2019-1080) | Nessus | Huawei Local Security Checks | high
122354 | Fedora 29 : createrepo_c / dnf / dnf-plugins-core / dnf-plugins-extras / etc (2019-1fccede810) | Nessus | Fedora Local Security Checks | high
121068 | Juniper Junos Space 18.4.x < 18.4R1 Multiple Vulnerabilities (JSA10917) | Nessus | Junos Local Security Checks | high
120412 | Fedora 28 : yum-utils (2018-4f0089c995) | Nessus | Fedora Local Security Checks | high
120345 | Fedora 29 : yum-utils (2018-357e8e07ce) | Nessus | Fedora Local Security Checks | high
118437 | EulerOS Virtualization 2.5.0 : yum-utils (EulerOS-SA-2018-1349) | Nessus | Huawei Local Security Checks | high
118415 | EulerOS Virtualization 2.5.1 : yum-utils (EulerOS-SA-2018-1327) | Nessus | Huawei Local Security Checks | high
117763 | EulerOS 2.0 SP3 : yum-utils (EulerOS-SA-2018-1320) | Nessus | Huawei Local Security Checks | high
117762 | EulerOS 2.0 SP2 : yum-utils (EulerOS-SA-2018-1319) | Nessus | Huawei Local Security Checks | high
117323 | RHEL 7 : Virtualization (RHSA-2018:2626) | Nessus | Red Hat Local Security Checks | high
112088 | Amazon Linux 2 : yum-utils (ALAS-2018-1063) | Nessus | Amazon Linux Local Security Checks | high
111615 | CentOS 7 : yum-utils (CESA-2018:2285) | Nessus | CentOS Local Security Checks | high
111614 | CentOS 6 : yum-utils (CESA-2018:2284) | Nessus | CentOS Local Security Checks | high
111612 | Amazon Linux AMI : yum-utils (ALAS-2018-1057) | Nessus | Amazon Linux Local Security Checks | high
111497 | Scientific Linux Security Update : yum-utils on SL7.x (noarch) (20180730) | Nessus | Scientific Linux Local Security Checks | high
111496 | Scientific Linux Security Update : yum-utils on SL6.x (noarch) (20180730) | Nessus | Scientific Linux Local Security Checks | high
111490 | RHEL 7 : yum-utils (RHSA-2018:2285) | Nessus | Red Hat Local Security Checks | high
111489 | RHEL 6 : yum-utils (RHSA-2018:2284) | Nessus | Red Hat Local Security Checks | high
111483 | Oracle Linux 7 : yum-utils (ELSA-2018-2285) | Nessus | Oracle Linux Local Security Checks | high
111482 | Oracle Linux 6 : yum-utils (ELSA-2018-2284) | Nessus | Oracle Linux Local Security Checks | high