VulDB (AV:L/AC:H/Au:S/C:P/I:N/A:N)

VulDB AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

VulDB CWE-532

** DISPUTED ** A vulnerability was found in rkhunter Rootkit Hunter 1.4.4/1.4.6. It has been classified as problematic. Affected is an unknown function of the file /var/log/rkhunter.log. The manipulation leads to sensitive information in log files. An attack has to be approached locally. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The identifier of this vulnerability is VDB-237516. NOTE: Permission to access the file is limited to administrative users only by default.

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Permission to access the file is limited to administrative users only by default.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051896 [No Types Assigned]

https://gist.github.com/MatheuZSecurity/16ef0219db8f85f49f945a25d5eb42d7 [Exploit, Third Party Advisory]

https://vuldb.com/?ctiid.237516 [Permissions Required]

https://vuldb.com/?id.237516 [Third Party Advisory]

https://youtu.be/etHt1TNAgs8 [Exploit]