yum-utils reposync Directory Traversal Vulnerability

September 6, 2018 2:05 am

A vulnerability in the reposync component of yum-utils could allow an unauthenticated, remote attacker to conduct a directory traversal attack on a targeted system.

The vulnerability is due to insufficient sanitization of paths in remote repository configuration files by the reposync component of the affected software. An attacker who has control of a repository could exploit this vulnerability by persuading a user to sync their system with the attacker-controlled repository. A successful exploit could allow the attacker to conduct a path traversal attack, which could be used to copy files outside of the destination directory on the targeted system. If the reposync component is running with elevated privileges, the attacker could modify critical system files, which could result in a complete system compromise.
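
The sanitization described above comes down to confirming that every package path taken from repository metadata resolves inside the sync destination before anything is written. The following Python is an added example, not the yum-utils code or the vendor's fix; the function names and the sample location strings are hypothetical and constructed for illustration.

```python
import os


def naive_local_path(dest_dir, rel_path):
    """Unchecked pattern: join a repository-supplied path onto dest_dir."""
    return os.path.normpath(os.path.join(dest_dir, rel_path))


def safe_local_path(dest_dir, rel_path):
    """Return the resolved local path for rel_path.

    Raises ValueError when the result would fall outside dest_dir
    (via "..", an absolute path, or an existing symlink) or would be
    dest_dir itself rather than a file beneath it.
    """
    base = os.path.realpath(dest_dir)
    # os.path.join discards base when rel_path is absolute, so the
    # containment test below also catches absolute locations.
    target = os.path.realpath(os.path.join(base, rel_path))
    if target == base or os.path.commonpath([base, target]) != base:
        raise ValueError("location escapes destination: %r" % (rel_path,))
    return target


def audit_locations(dest_dir, locations):
    """Split metadata locations into (accepted_paths, rejected_locations)."""
    accepted, rejected = [], []
    for loc in locations:
        try:
            accepted.append(safe_local_path(dest_dir, loc))
        except ValueError:
            rejected.append(loc)
    return accepted, rejected


# Constructed sample of package locations as a repository might list them.
SAMPLE_LOCATIONS = [
    "Packages/a/alpha-1.0-1.noarch.rpm",
    "../../outside/beta-1.0-1.noarch.rpm",
    "/abs/gamma-1.0-1.noarch.rpm",
    "Packages/../../delta-1.0-1.noarch.rpm",
    "Packages/./e/../epsilon-1.0-1.noarch.rpm",
]

if __name__ == "__main__":
    ok, bad = audit_locations("/srv/mirror/repo", SAMPLE_LOCATIONS)
    print("accepted:", ok)
    print("rejected:", bad)
```

Rejected locations are worth logging with the repository ID, since a mirror that serves them is either misconfigured or untrustworthy.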

The vendor confirmed the vulnerability and released software updates.

Security Impact Rating: High

CVE: CVE-2018-10897
