AVG-334

Package rkhunter
Status Fixed
Severity High
Type arbitrary code execution
Affected 1.4.2-2
Fixed 1.4.4-1
Current 1.4.6-1 [community]
Ticket None
Created Thu Jun 29 14:03:48 2017
Issue Severity Remote Type Description
CVE-2017-7480 High Yes Arbitrary code execution
rkhunter downloads updates over a plain HTTP link with a version certificate that can be faked. A potential man-in-the-middle attack can lead to the...
Date Advisory Package Description
18 Jul 2017 ASA-201707-24 rkhunter arbitrary code execution