Ubuntu Security Notice 3965-1 - Dhiraj Mishra discovered that aria2 incorrectly stored authentication information. A local attacker could possibly use this issue to obtain credentials.
40dcc8ac374b67c7b85a791b82e2300742a7f0cf707bd67f6a709bfb67a36dbe==========================================================================
Ubuntu Security Notice USN-3965-1
May 06, 2019
aria2 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.04
- Ubuntu 18.10
Summary:
aria2 stores authentication information in plain text.
Software Description:
- aria2: High speed command-line download utility
Details:
Dhiraj Mishra discovered that aria2 incorrectly stored authentication
information. A local attacker could possibly use this issue to obtain
credentials.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 19.04:
aria2 1.34.0-3ubuntu0.1
libaria2-0 1.34.0-3ubuntu0.1
Ubuntu 18.10:
aria2 1.34.0-2ubuntu0.1
libaria2-0 1.34.0-2ubuntu0.1
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/usn/usn-3965-1
CVE-2019-3500
Package Information:
https://launchpad.net/ubuntu/+source/aria2/1.34.0-3ubuntu0.1
https://launchpad.net/ubuntu/+source/aria2/1.34.0-2ubuntu0.1
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed