Computer Security
[EN] securityvulns.ru no-pyccku


devscripts code execution
Published:03.09.2009
Source:
SecurityVulns ID:10201
Type:client
Threat Level:
5/10
Description:perl sctipt downloaded from untrusted source is executed.
Affected:DEVSCRIPTS : devscripts 2.10
CVE:CVE-2009-2946 (Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1878-1] New devscripts packages fix remote code execution (03.09.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod