CVE-2010-0396

Directory traversal vulnerability in the dpkg-source component in dpkg before 1.14.29 allows remote attackers to modify arbitrary files via a crafted Debian source archive...

Directory traversal

Directory traversal vulnerability in the dpkg-source component in dpkg before 1.14.29 allows remote attackers to modify arbitrary files via a crafted Debian source archive...

CVE-2010-0396

CVE-2010-0396 affects the dpkg package, specifically the dpkg-source component, where a directory traversal flaw in crafted Debian source archives could let an attacker modify arbitrary files. The vulnerability exists in versions prior to 1.14.29; Debian’s security advisory references DSA-2011 an...

CVE-2010-0396

Directory traversal vulnerability in the dpkg-source component in dpkg before 1.14.29 allows remote attackers to modify arbitrary files via a crafted Debian source archive...

CVE-2010-0396

Directory traversal vulnerability in the dpkg-source component in dpkg before 1.14.29 allows remote attackers to modify arbitrary files via a crafted Debian source archive...

Ubuntu Update for dpkg vulnerability USN-909-1

Ubuntu Update for Linux kernel vulnerabilities USN-909-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9091.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for dpkg vulnerability USN-909-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

Ubuntu: Security Advisory (USN-909-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-909-1: dpkg vulnerability

William Grant discovered that dpkg-source did not safely apply diffs when unpacking source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of...

[SECURITY] [DSA 2011-1] New dpkg packages fix path traversal

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA-2011-1 [email protected] http://www.debian.org/security/ Nico Golde March 10th, 2010 http://www.debian.org/security/faq -...

CVE-2010-0396

Directory traversal vulnerability in the dpkg-source component in dpkg before 1.14.29 allows remote attackers to modify arbitrary files via a crafted Debian source archive...

Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : dpkg vulnerability (USN-909-1)

William Grant discovered that dpkg-source did not safely apply diffs when unpacking source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of...

Debian DSA-2011-1 : dpkg - path traversal

William Grant discovered that the dpkg-source component of dpkg, the low-level infrastructure for handling the installation and removal of Debian software packages, is vulnerable to path traversal attacks. A specially crafted Debian source package can lead to file modification outside of the...

[SECURITY] [DSA 2011-1] New dpkg packages fix path traversal

-------------------------------------------------------------------------- Debian Security Advisory DSA-2011-1 [email protected] http://www.debian.org/security/ Nico Golde March 10th, 2010 http://www.debian.org/security/faq -...

Debian DSA-1853-1 : memcached - heap-based buffer overflow

Ronald Volgers discovered that memcached, a high-performance memory object caching system, is vulnerable to several heap-based buffer overflows due to integer conversions when parsing certain length attributes. An attacker can use this to execute arbitrary code on the system running memcached on...

[SECURITY] [DSA-1990-2] New trac-git package fixes regression

------------------------------------------------------------------------ Debian Security Advisory DSA-1990-2 [email protected] http://www.debian.org/security/ Stefan Fritsch February 04, 2010 http://www.debian.org/security/faq -...

Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : openssl vulnerability (USN-884-1)

It was discovered that OpenSSL did not correctly free unused memory in certain situations. A remote attacker could trigger this flaw in services that used SSL, causing the service to use all available system memory, leading to a denial of service. Note that Tenable Network Security has extracted...

Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : curl vulnerability (USN-818-1)

Scott Cantor discovered that Curl did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Note that Tenable Network Security has...

Debian DSA-1818-1 : gforge - insufficient input sanitising

Laurent Almeras and Guillaume Smet have discovered a possible SQL injection vulnerability and cross-site scripting vulnerabilities in gforge, a collaborative development tool. Due to insufficient input sanitising, it was possible to inject arbitrary SQL statements and use several parameters to...

Debian DSA-1779-1 : apt - several vulnerabilities

Two vulnerabilities have been discovered in APT, the well-known dpkg frontend. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-1300 In time zones where daylight savings time occurs at midnight, the apt cron.daily script fails, stopping new security...

Debian DSA-1706-1 : amarok - integer overflows

Tobias Klein discovered that integer overflows in the code the Amarok media player uses to parse Audible files may lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Securi...