CVE-2014-0022 - OpenCVE

The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows remote attackers to bypass the RMP package signing restriction via an unsigned package.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Baseurl	Yum

Configuration 1 [-]

OR	cpe:2.3:a:baseurl:yum::::::::
	cpe:2.3:a:baseurl:yum:3.4.0:::::::*
	cpe:2.3:a:baseurl:yum:3.4.1:::::::*
	cpe:2.3:a:baseurl:yum:3.4.2:::::::*

References

Link	Resource
http://secunia.com/advisories/56637	Vendor Advisory
http://www.securityfocus.com/bid/65119
http://yum.baseurl.org/gitweb?p=yum.git%3Ba=commitdiff%3Bh=9df69e5794
https://bugzilla.redhat.com/show_bug.cgi?id=1052440
https://bugzilla.redhat.com/show_bug.cgi?id=1057377

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2014-01-26T11:00:00

Updated: 2014-01-26T03:57:01

Reserved: 2013-12-03T00:00:00

Link: CVE-2014-0022

JSON object: View

NVD Information

Status : Modified

Published: 2014-01-26T16:58:11.197

Modified: 2023-02-13T00:29:57.690

Link: CVE-2014-0022

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:baseurl:yum:*:*:*:*:*:*:*:*", "matchCriteriaId": "1BEBBA1D-0651-459D-98CA-F3215397E869", "versionEndIncluding": "3.4.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:baseurl:yum:3.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "5484C2BC-A606-4537-84F7-9203499E3E93", "vulnerable": true}, {"criteria": "cpe:2.3:a:baseurl:yum:3.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "10E52FC3-4ACA-450D-B5C7-1F153A569F31", "vulnerable": true}, {"criteria": "cpe:2.3:a:baseurl:yum:3.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "7BFDAC89-4838-4079-B6C9-0832F6ADCA9F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows remote attackers to bypass the RMP package signing restriction via an unsigned package."}, {"lang": "es", "value": "La funci\u00f3n installUpdates en yum-cron/yum-cron.py en yum 3.4.3 y anteriores no chequea apropiadamente el valor de retorno de la funci\u00f3n sigCheckPkg, lo cual permite a atacantes remotos sortear la restricci\u00f3n de firmado de paquetes RMP a trav\u00e9s de un paquete no firmado."}], "id": "CVE-2014-0022", "lastModified": "2023-02-13T00:29:57.690", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-01-26T16:58:11.197", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/56637"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/65119"}, {"source": "secalert@redhat.com", "url": "http://yum.baseurl.org/gitweb?p=yum.git%3Ba=commitdiff%3Bh=9df69e5794"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052440"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1057377"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}