← voltar
CVE-2014-0022

CVE-2014-0022

EPSS 2.4%
The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows remote attackers to bypass the RMP package signing restriction via an unsigned package.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://bugzilla.redhat.com/show_bug.cgi?id=1052440https://bugzilla.redhat.com/show_bug.cgi?id=1057377http://secunia.com/advisories/56637http://www.securityfocus.com/bid/65119http://yum.baseurl.org/gitweb?p=yum.git%3Ba=commitdiff%3Bh=9df69e5794