Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 24.04 LTS : Debian Goodies vulnerability (USN-8109-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8109-1 advisory. Jakub Wilk discovered that debmany in Debian Goodies incorrectly handled certain deb files. An attacker could possibly use thi...

USN-8109-1: Debian Goodies vulnerability

Jakub Wilk discovered that debmany in Debian Goodies incorrectly handled certain deb files. An attacker could possibly use this issue to execute arbitrary shell commands...

USN-8109-1 debian-goodies vulnerability

Jakub Wilk discovered that debmany in Debian Goodies incorrectly handled certain deb files. An attacker could possibly use this issue to execute arbitrary shell commands...

Ubuntu: Security Advisory (USN-6714-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6714-1: Debian Goodies vulnerability

It was discovered that debmany in Debian Goodies incorrectly handled certain deb files. An attacker could possibly use this issue to execute arbitrary shell commands...

USN-6714-1 debian-goodies vulnerability

It was discovered that debmany in Debian Goodies incorrectly handled certain deb files. An attacker could possibly use this issue to execute arbitrary shell commands...

The vulnerability of the eval() function in the debmany utility package of the Debian-goodies suite allows a hacker to execute arbitrary commands.

The vulnerability of the eval function in the debmany utility package of the Debian-goodies suite is related to the lack of measures taken to neutralize special elements used in operating system commands when processing .deb files. Exploiting this vulnerability allows an attacker to execute...

CVE-2023-27635

debmany in debian-goodies 0.88.1 allows attackers to execute arbitrary shell commands because of an eval call via a crafted .deb file. The path is shown to the user before execution...

CVE-2023-27635

debmany in debian-goodies 0.88.1 allows attackers to execute arbitrary shell commands because of an eval call via a crafted .deb file. The path is shown to the user before execution...

CVE-2023-27635

debmany in debian-goodies 0.88.1 allows attackers to execute arbitrary shell commands because of an eval call via a crafted .deb file. The path is shown to the user before execution...

CVE-2023-27635

CVE-2023-27635 affects debmany in Debian Goodies 0.88.1. The root cause is an eval call that allows an attacker to execute arbitrary shell commands via a crafted .deb file, with the file path shown to the user before execution. This yields a local attack vector with user interaction required (per...