reprepro Update Repository Signature Verification Security Bypass Vulnerability
BID:25537
Info
| Bugtraq ID: | 25537 |
| Class: | Access Validation Error |
| CVE: | CVE-2007-4739 |
| Remote: | No |
| Local: | Yes |
| Published: | Sep 04 2007 12:00AM |
| Updated: | Oct 25 2007 05:36PM |
| Credit: | Bernhard R. Link disclosed this issue. |
| Vulnerable: | Debian Linux 4.0 sparc, Debian Linux 4.0 s/390, Debian Linux 4.0 powerpc, Debian Linux 4.0 mipsel, Debian Linux 4.0 mips, Debian Linux 4.0 m68k, Debian Linux 4.0 ia-64, Debian Linux 4.0 ia-32, Debian Linux 4.0 hppa, Debian Linux 4.0 arm, Debian Linux 4.0 amd64, Debian Linux 4.0 alpha, Bernhard R. Link reprepro 2.2.3, Bernhard R. Link reprepro 1.3.0-1 |
| Not Vulnerable: | Bernhard R. Link reprepro 2.2.4 |
Discussion
The 'reprepro' utility is prone to a security-bypass vulnerability because it fails to adequately verify signatures during repository updates.
An attacker can exploit this issue to cause the application to accept packages signed with an unknown key, effectively bypassing security restrictions. Successful exploits can cause arbitrary repository files to be overwritten with malicious data.
Versions prior to reprepro 2.2.4 are vulnerable.
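The verification step the advisory says was inadequate, as an added example that is not reprepro's own code: a Python policy function over gpgv `--status-fd` output (constructed sample lines; key IDs, fingerprints and the user ID are made up) that treats a signature from an unknown key as carrying no weight and accepts a Release file only when a cryptographically valid signature comes from an explicitly allowed key.

```python
import re

# Constructed gpgv --status-fd output (sample data, not a real capture) for
# a Release.gpg carrying two signatures: the first from a key that is not in
# the keyring (unknown key: ERRSIG + NO_PUBKEY), the second a good signature
# from a known key. Key IDs and fingerprints below are made up.
STATUS_UNKNOWN_ONLY = [
    "[GNUPG:] NEWSIG",
    "[GNUPG:] ERRSIG 0123456789ABCDEF 1 2 00 1188864000 9",
    "[GNUPG:] NO_PUBKEY 0123456789ABCDEF",
]
STATUS_MIXED = STATUS_UNKNOWN_ONLY + [
    "[GNUPG:] NEWSIG",
    "[GNUPG:] GOODSIG FEDCBA9876543210 Example Archive Key <archive@example.org>",
    "[GNUPG:] VALIDSIG 000011112222333344445555FEDCBA9876543210 2007-09-04 "
    "1188864000 0 4 0 17 2 00 000011112222333344445555FEDCBA9876543210",
]


def release_signed_by_trusted_key(status_lines, trusted_keys):
    """Decide whether a downloaded Release file may be used for an update.

    Accept only if some signature is cryptographically valid (VALIDSIG)
    AND was made by a key listed in trusted_keys (long key IDs or full
    fingerprints). Unknown keys (ERRSIG/NO_PUBKEY), bad signatures and
    valid signatures from unlisted keys never count towards acceptance,
    no matter how many other signatures the file carries.
    """
    trusted = []
    for key in trusted_keys:
        key = key.upper().replace(" ", "")
        # Short 8-hex-digit IDs collide easily; insist on long IDs or fingerprints.
        if len(key) < 16 or not re.fullmatch(r"[0-9A-F]+", key):
            raise ValueError(f"use a long key ID or fingerprint, not {key!r}")
        trusted.append(key)
    for line in status_lines:
        fields = line.split()
        if len(fields) < 11 or fields[:2] != ["[GNUPG:]", "VALIDSIG"]:
            continue
        signing_fpr = fields[2].upper()
        # The optional last field is the primary key fingerprint when the
        # signature was made by a subkey; fall back to the signing key.
        primary_fpr = fields[11].upper() if len(fields) > 11 else signing_fpr
        for key in trusted:
            if signing_fpr.endswith(key) or primary_fpr.endswith(key):
                return True
    return False


if __name__ == "__main__":
    print(release_signed_by_trusted_key(STATUS_UNKNOWN_ONLY, ["FEDCBA9876543210"]))  # False
    print(release_signed_by_trusted_key(STATUS_MIXED, ["FEDCBA9876543210"]))  # True
```

In a real update path the status lines come from `gpgv --status-fd 1 --keyring <trusted keyring> Release.gpg Release`, and a `False` result means the Release file, and every Packages file it lists, must be discarded.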
Exploit / POC
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Solution:
The vendor released reprepro 2.2.4 to address this issue. Please see the references for more information.
Bernhard R. Link reprepro 1.3.0-1
- Bernhard R. Link reprepro_2.2.4.orig.tar.gz
  http://alioth.debian.org/frs/download.php/2127/reprepro_2.2.4.orig.tar.gz

Bernhard R. Link reprepro 2.2.3
- Bernhard R. Link reprepro_2.2.4.orig.tar.gz
  http://alioth.debian.org/frs/download.php/2127/reprepro_2.2.4.orig.tar.gz
References
References:
- reprepro Homepage (Bernhard R. Link)
- reprepro: Not properly checking signatures of repositories updating from (Bernhard R. Link)