15 matches found
EUVD-2012-0248
Malware in sbrugna...
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : devscripts vulnerabilities (USN-1593-1)
Raphael Geissert discovered that the debdiff.pl tool incorrectly handled shell metacharacters. If a user or automated system were tricked into processing a specially crafted filename, a remote attacker could possibly execute arbitrary code. CVE-2012-0212 Raphael Geissert discovered that the...
DEBIAN-CVE-2012-0212
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via shell metacharacters in the file name argument...
CVE-2012-0212
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via shell metacharacters in the file name argument...
CVE-2012-0211
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via a crafted tarball file name in the top-level directory of an original .orig source tarball of a source package...
CVE-2012-0210
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to obtain system information and execute arbitrary code via the file name in a 1 .dsc or 2 .changes file...
CVE-2012-0212
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via shell metacharacters in the file name argument...
Code injection
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via shell metacharacters in the file name argument...
CVE-2012-0210
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to obtain system information and execute arbitrary code via the file name in a 1 .dsc or 2 .changes file...
CVE-2012-0212
CVE-2012-0212 affects devscripts; the debdiff.pl component in versions before 2.10.69 and 2.11.x before 2.11.4 allows remote code execution via shell metacharacters in the file name argument. This vulnerability is reflected in multiple advisories (Ubuntu USN-1593-1, Debian security trackers, and ...
CVE-2012-0210
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to obtain system information and execute arbitrary code via the file name in a 1 .dsc or 2 .changes file...
CVE-2012-0211
CVE-2012-0211 concerns debdiff.pl, part of devscripts, with vulnerable versions 2.10.x before 2.10.69 and 2.11.x before 2.11.4. The issue allows remote code execution via a specially crafted tarball filename in the top-level directory of the original .orig source tarball. The Debian security advi...
CVE-2012-0211
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via a crafted tarball file name in the top-level directory of an original .orig source tarball of a source package...
CVE-2012-0211
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via a crafted tarball file name in the top-level directory of an original .orig source tarball of a source package...
CVE-2012-0212
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via shell metacharacters in the file name argument...