Debian Security Advisory DSA 1878-1 (devscripts)

The remote host is missing an update to devscripts announced via advisory DSA 1878-1. OpenVAS Vulnerability Test $Id: deb18781.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1878-1 devscripts Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

Debian: Security Advisory (DSA-1878-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Design/Logic Flaw

Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages...

CVE-2009-2946

Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages...

CVE-2009-2946

Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages...

DEBIAN-CVE-2009-2946

Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages...

CVE-2009-2946

CVE-2009-2946 references an eval injection in devscripts' uscan.pl prior to revision 1984, enabling remote Perl code execution via crafted pathnames on distribution servers. Connected advisories (Debian DSA-1878-1/DSA-1878-2, Ubuntu USN-847-1/2, Red Hat RH CVE entry, OpenVAS/Nessus synopses) conf...

[SECURITY] [DSA 1878-1] New devscripts packages fix remote code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1878-1 [email protected] http://www.debian.org/security/ Florian Weimer September 02, 2009 http://www.debian.org/security/faq -...

devscripts code execution

perl sctipt downloaded from untrusted source is executed...

[Backports-security-announce] Security update for devscripts

Adam D. Barratt uploaded new packages for devscripts which fixed the following security problem: CVE-2009-2946: When parsing watch files, uscan applied "mangle rules" by evaluating them as Perl code without any sanitisation. This could have lead to the execution of arbitrary code by users or...

[Backports-security-announce] Security update for devscripts

Adam D. Barratt uploaded new packages for devscripts which fixed the following security problem: CVE-2009-2946: When parsing watch files, uscan applied "mangle rules" by evaluating them as Perl code without any sanitisation. This could have lead to the execution of arbitrary code by users or...

[Backports-security-announce] Security update for devscripts

Adam D. Barratt uploaded new packages for devscripts which fixed the following security problem: CVE-2009-2946: When parsing watch files, uscan applied "mangle rules" by evaluating them as Perl code without any sanitisation. This could have lead to the execution of arbitrary code by users or...

DSA-1878-1 devscripts - remote code execution

Bulletin has no description...

[Backports-security-announce] Security Update for devscripts

Adam D. Barratt uploaded new packages for devscripts which fixed the following security problems: Debian BTS 507482 When copying files from a remote host for signing, the temporary directory created was named based on the process ID rather than using mktemp. Debian BTS 508111 A call to mktemp use...

[Backports-security-announce] Security Update for devscripts

Adam D. Barratt uploaded new packages for devscripts which fixed the following security problems: Debian BTS 507482 When copying files from a remote host for signing, the temporary directory created was named based on the process ID rather than using mktemp. Debian BTS 508111 A call to mktemp use...

[Backports-security-announce] Security Update for devscripts

Adam D. Barratt uploaded new packages for devscripts which fixed the following security problems: Debian BTS 507482 When copying files from a remote host for signing, the temporary directory created was named based on the process ID rather than using mktemp. Debian BTS 508111 A call to mktemp use...