CVE-2014-0022

The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows remote attackers to bypass the RMP package signing restriction via an unsigned package.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=1052440
https://bugzilla.redhat.com/show_bug.cgi?id=1057377
http://www.securityfocus.com/bid/65119
http://secunia.com/advisories/56637	Vendor Advisory
http://yum.baseurl.org/gitweb?p=yum.git%3Ba=commitdiff%3Bh=9df69e5794

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:baseurl:yum:3.4.1:::::::*
	cpe:2.3:a:baseurl:yum::::::::
	cpe:2.3:a:baseurl:yum:3.4.2:::::::*
	cpe:2.3:a:baseurl:yum:3.4.0:::::::*

Information

Published : 2014-01-26 08:58

Updated : 2023-02-12 16:29

NVD link : CVE-2014-0022

Mitre link : CVE-2014-0022

JSON object : View

CWE

CWE-20

Improper Input Validation

Advertisement

Products Affected

baseurl

yum

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052440", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1052440", "tags": [], "refsource": "CONFIRM"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1057377", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1057377", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/65119", "name": "65119", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/56637", "name": "56637", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://yum.baseurl.org/gitweb?p=yum.git%3Ba=commitdiff%3Bh=9df69e5794", "name": "http://yum.baseurl.org/gitweb?p=yum.git%3Ba=commitdiff%3Bh=9df69e5794", "tags": [], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows remote attackers to bypass the RMP package signing restriction via an unsigned package."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-20"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2014-0022", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "acInsufInfo": false, "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2014-01-26T16:58Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:baseurl:yum:3.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:baseurl:yum:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "3.4.3"}, {"cpe23Uri": "cpe:2.3:a:baseurl:yum:3.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:baseurl:yum:3.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2023-02-13T00:29Z"}