You can now find Cyber Kendra on Google News | Telegram

Critical Remote Code Execution bug on Liux APT Package Manager Patched

Critical Remote Code Execution bug found on Linux APT package manager
A researcher has found a critical remote code execution flaw in APT Package manager that was used by many popular Linux distros like Ubuntu, Debian, and many others.

Max Justicz discovered the vulnerability (CVE-2019-3462) that resides in the APT package manager which allows a network man-in-the-middle to execute arbitrary code as root on a machine installing any package. However, the bug has been now fixed in the latest package and patched were also been released.

On the blog post, Justicz, guide about the protection of user by simply disabling HTTP redirects while you update. To do this, just run the following command -
sudo apt update -o Acquire::http::AllowRedirect=false
sudo apt upgrade -o Acquire::http::AllowRedirect=false


Moreover, a detailed advisory has also been published by the Debian team which reads-
The code handling HTTP redirects in the HTTP transport method doesn't properly sanitize fields transmitted over the wire. This vulnerability could be used by an attacker located as a man-in-the-middle between APT and a mirror to inject malicious content in the HTTP connection. This content could then be recognized as a valid package by APT and used later for code execution with root privileges on the target machine.
A researcher has also shown a POC demonstration where an attacker intercepting HTTP traffic between APT utility and a mirror server, eventually could execute arbitrary code on the targeted system with the highest level of privileges, i.e. root.
The RCE bug has been fixed today in the APT 1.2.29ubuntu0.1, 1.7.0ubuntu0.1, 1.0.1ubuntu2.19, and 1.6.6ubuntu0.1 packages, as well as in APT 1.4.9 for the Debian distribution.

Post a Comment

Cookie Consent
We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.
Oops!
It seems there is something wrong with your internet connection. Please connect to the internet and start browsing again.
AdBlock Detected!
We have detected that you are using adblocking plugin in your browser.
The revenue we earn by the advertisements is used to manage this website, we request you to whitelist our website in your adblocking plugin.
Site is Blocked
Sorry! This site is not available in your country.