4 matches found
CVE-2013-7325
An issue exists in uscan in devscripts before 2.13.19, which could let a remote malicious user execute arbitrary code via a crafted tarball...
CVE-2013-7325
CVE-2013-7325 : The issue affects the uscan utility in the devscripts package prior to 2.13.19. A crafted tarball could be exploited to execute arbitrary code on the remote system running uscan, with the attacker gaining the privileges of that user. The available connected documents consistently ...
Debian DSA-2836-1 : devscripts - arbitrary code execution
Several vulnerabilities have been discovered in uscan, a tool to scan upstream sites for new releases of packages, which is part of the devscripts package. An attacker controlling a website from which uscan would attempt to download a source tarball could execute arbitrary code with the privilege...
Debian Security Advisory DSA 2836-1 (devscripts - arbitrary code execution)
Several vulnerabilities have been discovered in uscan, a tool to scan upstream sites for new releases of packages, which is part of the devscripts package. An attacker controlling a website from which uscan would attempt to download a source tarball could execute arbitrary code with the privilege...