Oval Definition:oval:com.ubuntu.disco:def:201972830000000
Revision Date:2019-01-31Version:1
Title:CVE-2019-7283 on Ubuntu 19.04 (disco) - medium.
Description:An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server (or Man-in-The-Middle attacker) can overwrite arbitrary files in a directory on the rcp client machine. This is similar to CVE-2019-6111.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2019-7283
Platform(s):Ubuntu 19.04
Product(s):
Definition Synopsis
  • Ubuntu 19.04 (disco) is installed.
  • AND netkit-rsh package in disco is affected and needs fixing.
    • BACK