CVE-2017-7480

EPSS 2.3%CWE-300

rkhunter versions before 1.4.4 are vulnerable to file download over insecure channel when doing mirror update resulting into potential remote code execution.

Produtos afetados

Red Hat, Inc. · rkhunter

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://seclists.org/oss-sec/2017/q2/643 https://security.gentoo.org/glsa/201805-11