Home > Cyber News > CVE-2019-3462: Linux APT Package Manager Can Be Hacked Remotely Due to Critical Flaw
CYBER NEWS

CVE-2019-3462: Linux APT Package Manager Can Be Hacked Remotely Due to Critical Flaw

by   |  Last Update:  |  0 Comments  

A dangerous flaw has been discovered in the APT package manager for Linux distributions which allows hackers to remotely hack target machines. The issue is being tracked in the CVE-2019-3462 advisory which gives further information about the vulnerability. The affected versions of the APT package manager doesn’t sanitize certain some of the HTTP redirect parameters which allows for man-in-the-middle attacks to take place. This is particularly dangerous as the APT system used by some of the most popular distributions: Debian, Ubuntu, Linux Mint and others.

CVE-2019-3462: The APT Package Manager Is Vulnerable to Man-In-The-Middle Attacks

The APT package manager has been found to contain a dangerous vulnerability allowing criminals to hack the affected systems. As this is one of the most widely used systems for managing software on Linux distributions this affects a very large percentage of all users of the operating system. The problem was announced with the release of the CVE-2019-3462 advisory. The discovery was made by Max Justicz who took notice that the program handles incorrectly certain HTTP parameters when a redirect occurs. When such situations occur attackers can take advantage of this and perform man-in-the-middle attacks. This will led to the possibility of delivering changed packages, likely to contain malicious code.

Related: [wplinkpreview url=”https://sensorstechforum.com/cve-2018-16864-three-vulnerabilities-systemd-journald/”]Three Vulnerabilities in systemd-journald Discovered (CVE-2018-16864)

The APT flaw does not check for any new lines and arbitrary headers can be inserted into the results that are returned to the main process. If a man-in-the-middle attack is orchestrated then APT can be tricked into thinking that there are now new updates.

The researcher notes in his blog post that that by default Ubuntu and Debian use plain HTTP repositories out-of-the-box. He motions that the HTTPS is by-design a more secure default which can safeguard against certain bugs.

Soon after the vulnerability was disclosed the Debian security team patched the issue and a fix has been released to all users. Subsequently all other distributions that use the package manager have placed it in their repositories. All users are urged to update their systems in order to protect themselves from possible hack attempts.

Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.

More Posts

Follow Me:
Twitter

Related posts:
  1. Top 15 Linux Security Questions You Didn’t Know You Had Beginner Linux administrators and users should know that even though...
  2. The Best Linux Server Distributions in 2017 Gnu/Linux is one of the leading server operating systems due...
  3. Top Security and Privacy Linux Distributions in 2019 There are many specialist Linux distributions that are designed with...
  4. Adobe Patches 112 Vulnerabilities in Latest Patch Package (CVE-2018-5007) Adobe has released the latest patch package that addresses a...
  5. The 10 Best Methods on How to Improve Linux Security This blog post is created in order to help you...
  6. Best Web Hosting Germany for 2021 (German Hosting Companies) *The data in this table may update every week because...
  7. Best Germany Web Hosting Service You Can Trust (2018) *The data in this table may update every week because...
  8. The Best IP and DVR Cameras for Security in 2018 *The data in this table may update every week because...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree