Source: rkhunter X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security
Hi, The following vulnerability was published for rkhunter. CVE-2023-4413[0]: | A vulnerability was found in rkhunter Rootkit Hunter 1.4.4/1.4.6. It | has been classified as problematic. Affected is an unknown function | of the file /var/log/rkhunter.log. The manipulation leads to | sensitive information in log files. An attack has to be approached | locally. The complexity of an attack is rather high. The | exploitability is told to be difficult. The exploit has been | disclosed to the public and may be used. The identifier of this | vulnerability is VDB-237516. https://gist.github.com/MatheuZSecurity/16ef0219db8f85f49f945a25d5eb42d7 If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2023-4413 https://www.cve.org/CVERecord?id=CVE-2023-4413 Please adjust the affected versions in the BTS as needed.
