MGASA-2021-0525 - Updated rsh packages fix security vulnerability
Publication date: 25 Nov 2021
URL: https://advisories.mageia.org/MGASA-2021-0525.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2019-7282,
CVE-2019-7283
In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers
to bypass intended access restrictions via the filename of . or an empty
filename. The impact is modifying the permissions of the target directory
on the client side. This is similar to CVE-2018-20685. (CVE-2019-7282)
An issue was discovered in rcp in NetKit through 0.17. For an rcp
operation, the server chooses which files/directories are sent to the
client. However, the rcp client only performs cursory validation of the
object name returned. A malicious rsh server (or Man-in-The-Middle
attacker) can overwrite arbitrary files in a directory on the rcp client
machine. This is similar to CVE-2019-6111. (CVE-2019-7283).
References:
- https://bugs.mageia.org/show_bug.cgi?id=29675
- https://www.debian.org/lts/security/2021/dla-2822
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7282
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7283
SRPMS:
- 8/core/rsh-0.17-36.1.mga8
Mageia 2021-0525: rsh security update
In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of
Summary
CVE: CVE-2019-7282,
CVE-2019-7283
In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers
to bypass intended access restrictions via the filename of . or an empty
filename. The impact is modifying the permissions of the target directory
on the client side. This is similar to CVE-2018-20685. (CVE-2019-7282)
An issue was discovered in rcp in NetKit through 0.17. For an rcp
operation, the server chooses which files/directories are sent to the
client. However, the rcp client only performs cursory validation of the
object name returned. A malicious rsh server (or Man-in-The-Middle
attacker) can overwrite arbitrary files in a directory on the rcp client
machine. This is similar to CVE-2019-6111. (CVE-2019-7283).
Resolution
MGASA-2021-0525 - Updated rsh packages fix security vulnerability
References
- https://bugs.mageia.org/show_bug.cgi?id=29675
- https://www.debian.org/lts/security/2021/dla-2822
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7282
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7283
Severity
Issued Date: 25 Nov 2021
URL: https://advisories.mageia.org/MGASA-2021-0525.html
Type: security
Affected Mageia releases: 8
News
HOWTOs
Features
About Us
Powered By
