Lucene search

[email protected]NVD:CVE-2009-4015

HistoryFeb 02, 2010 - 4:30 p.m.

CVE-2009-4015

2010-02-0216:30:02

CWE-89

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.6%

JSON

Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allows remote attackers to execute arbitrary commands via shell metacharacters in filename arguments.

Affected configurations

NVD

Node

debianlintianMatch1.23.0

debianlintianMatch1.23.1

debianlintianMatch1.23.2

debianlintianMatch1.23.3

debianlintianMatch1.23.4

debianlintianMatch1.23.5

debianlintianMatch1.23.6

debianlintianMatch1.23.7

debianlintianMatch1.23.8

debianlintianMatch1.23.9

debianlintianMatch1.23.10

debianlintianMatch1.23.11

debianlintianMatch1.23.12

debianlintianMatch1.23.13

debianlintianMatch1.23.14

debianlintianMatch1.23.15

debianlintianMatch1.23.16

debianlintianMatch1.23.17

debianlintianMatch1.23.18

debianlintianMatch1.23.19

debianlintianMatch1.23.20

debianlintianMatch1.23.22

debianlintianMatch1.23.23

debianlintianMatch1.23.24

debianlintianMatch1.23.25

debianlintianMatch1.23.26

debianlintianMatch1.23.27

debianlintianMatch1.23.28

debianlintianMatch1.24.0

debianlintianMatch1.24.1

debianlintianMatch1.24.2

debianlintianMatch2.0-rc1

debianlintianMatch2.0-rc2

debianlintianMatch2.1.0

debianlintianMatch2.1.1

debianlintianMatch2.1.2

debianlintianMatch2.1.3

debianlintianMatch2.1.4

debianlintianMatch2.1.5

debianlintianMatch2.1.6

debianlintianMatch2.2.0

debianlintianMatch2.2.1

debianlintianMatch2.2.2

debianlintianMatch2.2.3

debianlintianMatch2.2.4

debianlintianMatch2.2.5

debianlintianMatch2.2.6

debianlintianMatch2.2.7

debianlintianMatch2.2.8

debianlintianMatch2.2.9

debianlintianMatch2.2.10

debianlintianMatch2.2.11

debianlintianMatch2.2.12

debianlintianMatch2.2.13

debianlintianMatch2.2.14

debianlintianMatch2.2.15

debianlintianMatch2.2.16

debianlintianMatch2.2.18

debianlintianMatch2.3.0

debianlintianMatch2.3.1

References

git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=c8d01f062b3e5137cf65196760b079a855c75e00

git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=fbe0c92b2ef7e360d13414bf40d6af5507d0c86d

packages.debian.org/changelogs/pool/main/l/lintian/lintian_2.3.2/changelog

packages.qa.debian.org/l/lintian/news/20100128T015554Z.html

secunia.com/advisories/38375

secunia.com/advisories/38379

www.debian.org/security/2010/dsa-1979

www.securityfocus.com/bid/37975

www.ubuntu.com/usn/USN-891-1

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.6%

JSON

Related for NVD:CVE-2009-4015

cvelist1 prion1 cve1 ubuntucve1 debiancve1 ubuntu1 seebug1 nessus2 debian4 securityvulns2 openvas3 osv1