SB2018070660 - Fedora 28 update for hadoop

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018070660

SB2018070660 - Fedora 28 update for hadoop

Published: July 6, 2018 Updated: April 24, 2025

Security Bulletin ID SB2018070660
Severity
High
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 40% Medium 20% Low 40%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Path traversal (CVE-ID: CVE-2018-8009)

The vulnerability allows a remote attacker to conduct a directory traversal attack on the target system.

The vulnerability exists due to improper validation of files inside an archive file. A remote unauthenticated attacker can trick the victim into extracting a zip file that contains files that use directory traversal characters, cause a malicious file to be created outside the current working directory and cause a denial of service (DoS) condition or execute arbitrary code by overwriting other files on the system.

Successful exploitation of the vulnerability may result in system compromise.

Note: the vulnerability has been dubbed "Zip Slip".


2) Cleartext transmission of sensitive information (CVE-ID: CVE-2017-3166)

The vulnerability allows a local authenticated user to execute arbitrary code.

In Apache Hadoop versions 2.6.1 to 2.6.5, 2.7.0 to 2.7.3, and 3.0.0-alpha1, if a file in an encryption zone with access permissions that make it world readable is localized via YARN's localization mechanism, that file will be stored in a world-readable location and can be shared freely with any application that requests to localize that file.


3) Information disclosure (CVE-ID: CVE-2017-15713)

The vulnerability allows a remote authenticated user to gain access to sensitive information.

Vulnerability in Apache Hadoop 0.23.x, 2.x before 2.7.5, 2.8.x before 2.8.3, and 3.0.0-alpha through 3.0.0-beta1 allows a cluster user to expose private files owned by the user running the MapReduce job history server process. The malicious user can construct a configuration file containing XML directives that reference sensitive files on the MapReduce job history server host.


4) Input validation error (CVE-ID: CVE-2017-15718)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The YARN NodeManager in Apache Hadoop 2.7.3 and 2.7.4 can leak the password for credential store provider used by the NodeManager to YARN Applications.


5) Command injection (CVE-ID: CVE-2016-6811)

The vulnerability allows a remote authenticated attacker to execute arbitrary commands with elevated privileges on the target system.

The weakness exists due to improper security restrictions. A remote attacker who can obtain yarn user access can inject and execute arbitrary commands with root privileges.

Remediation

Install update from vendor's website.

References