CVE-2018-10897

A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected.
Configurations

Configuration 1 (hide)

cpe:2.3:a:rpm:yum-utils:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

History

13 Feb 2023, 04:51

Type Values Removed Values Added
CWE CWE-22 CWE-59
Summary A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected.
References
  • {'url': 'https://bugzilla.redhat.com/show_bug.cgi?id=1600221', 'name': 'https://bugzilla.redhat.com/show_bug.cgi?id=1600221', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/security/cve/CVE-2018-10897', 'name': 'https://access.redhat.com/security/cve/CVE-2018-10897', 'tags': [], 'refsource': 'MISC'}

02 Feb 2023, 21:18

Type Values Removed Values Added
Summary A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected. A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files.
References
  • (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1600221 -
  • (MISC) https://access.redhat.com/security/cve/CVE-2018-10897 -

09 Sep 2021, 12:42

Type Values Removed Values Added
References (CONFIRM) https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 - (CONFIRM) https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 - Third Party Advisory

11 Aug 2021, 15:21

Type Values Removed Values Added
CPE cpe:2.3:a:rpm-software-management_project:yum-utils:*:*:*:*:*:*:*:* cpe:2.3:a:rpm:yum-utils:*:*:*:*:*:*:*:*

Information

Published : 2018-08-01 17:29

Updated : 2023-12-10 12:44


NVD link : CVE-2018-10897

Mitre link : CVE-2018-10897

CVE.ORG link : CVE-2018-10897


JSON object : View

Products Affected

redhat

  • enterprise_linux_desktop
  • enterprise_linux_workstation
  • enterprise_linux_server
  • virtualization

rpm

  • yum-utils
CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')