236 matches found
Xxe
scripts/dget.pl in devscripts before 2.10.73 allows remote attackers to execute arbitrary commands via a crafted 1 .dsc or 2 .changes file, related to "arguments to external commands" that are not properly escaped, a different vulnerability than CVE-2012-2240...
Xxe
scripts/dscverify.pl in devscripts before 2.12.3 allows remote attackers to execute arbitrary commands via unspecified vectors related to "arguments to external commands."...
CVE-2012-3500
CVE-2012-3500 is a local reliability issue in the annotate-output mechanism: scripts/annotate-output.sh in devscripts < 2.12.2 (used by rpmdevtools
CVE-2012-2240
CVE-2012-2240 affects devscripts, specifically the dscverify.pl component. The vulnerability occurs in scripts/dscverify.pl in devscripts before version 2.12.3, where remote attackers could execute arbitrary commands via unspecified vectors related to arguments to external commands. Multiple conn...
CVE-2012-2241
scripts/dget.pl in devscripts before 2.12.3 allows remote attackers to delete arbitrary files via a crafted 1 .dsc or 2 .changes file, probably related to a NULL byte in a filename...
CVE-2012-2240
scripts/dscverify.pl in devscripts before 2.12.3 allows remote attackers to execute arbitrary commands via unspecified vectors related to "arguments to external commands."...
CVE-2012-2241
CVE-2012-2241 affects devscripts prior to version 2.12.3. The vulnerability allows a remote attacker to delete arbitrary files by supplying crafted .dsc or .changes files, with a likely NULL-byte filename issue cited in the description. Exploitation context is remote, with impact described as del...
CVE-2012-2242
scripts/dget.pl in devscripts before 2.10.73 allows remote attackers to execute arbitrary commands via a crafted 1 .dsc or 2 .changes file, related to "arguments to external commands" that are not properly escaped, a different vulnerability than CVE-2012-2240...
CVE-2012-2241
scripts/dget.pl in devscripts before 2.12.3 allows remote attackers to delete arbitrary files via a crafted 1 .dsc or 2 .changes file, probably related to a NULL byte in a filename...
CVE-2012-2240
scripts/dscverify.pl in devscripts before 2.12.3 allows remote attackers to execute arbitrary commands via unspecified vectors related to "arguments to external commands."...
CVE-2012-3500
scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows local users to modify arbitrary files via a symlink attack on the temporary 1 standard output or 2 standard error output file...
CVE-2012-2242
CVE-2012-2242 affects devscripts' dget.pl prior to version 2.10.73, where crafted .dsc/.changes files can trigger remote commands due to insufficient escaping of arguments to external commands. The issue allows remote code execution and is separate from CVE-2012-2240. A fix is needed by upgrading...
Debian Security Advisory DSA 2549-1 (devscripts)
The remote host is missing an update to devscripts announced via advisory DSA 2549-1. OpenVAS Vulnerability Test $Id: deb25491.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2549-1 devscripts Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...
Debian: Security Advisory (DSA-2549-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-2549-1 : devscripts - multiple vulnerabilities
Multiple vulnerabilities have been discovered in devscripts, a set of scripts to make the life of a Debian Package maintainer easier. The following Common Vulnerabilities and Exposures project ids have been assigned to identify them : - CVE-2012-2240 : Raphael Geissert discovered that dscverify...
[SECURITY] [DSA 2549-1] devscripts security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2549-1 [email protected] http://www.debian.org/security/ Raphael Geissert September 15, 2012 http://www.debian.org/security/faq -...
CVE-2012-2240
scripts/dscverify.pl in devscripts before 2.12.3 allows remote attackers to execute arbitrary commands via unspecified vectors related to "arguments to external commands."...
DSA-2549-1 devscripts - multiple
Bulletin has no description...
CVE-2012-2241
scripts/dget.pl in devscripts before 2.12.3 allows remote attackers to delete arbitrary files via a crafted 1 .dsc or 2 .changes file, probably related to a NULL byte in a filename...
DEBIAN-CVE-2012-0212
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via shell metacharacters in the file name argument...