Computer Security
[EN] securityvulns.ru
no-pyccku

  

Debian debdiff multiple security vulnerabilities
Published:22.02.2012
Source:
SecurityVulns ID:12218
Type:local
Threat Level:
5/10
Description:Information leakage, code execution.
Affected:DEBIAN : debdiff 2.11
CVE:CVE-2012-0212 (debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via shell metacharacters in the file name argument.)
 CVE-2012-0211 (debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via a crafted tarball file name in the top-level directory of an original (.orig) source tarball of a source package.)
 CVE-2012-0210 (debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to obtain system information and execute arbitrary code via the file name in a (1) .dsc or (2) .changes file.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2409-1] devscripts security update (22.02.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 



Rating@Mail.ru