54 matches found
EUVD-2010-1699
Malware in sbrugna...
EUVD-2014-3801
Malware in sbrugna...
EUVD-2011-0428
Malware in sbrugna...
EUVD-2014-3802
Malware in sbrugna...
[SECURITY] Fedora 41 Update: dpkg-1.22.20-1.fc41
This package provides the low-level infrastructure for handling the installation and removal of Debian software packages. This package contains the tools including dpkg-source required to unpack, build and upload Debian source packages. This package also contains the programs dpkg which used to...
Debian: Security Advisory (DSA-2142-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2015-0197)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-8283
dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source...
CVE-2017-8283
dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source...
Directory traversal
dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source...
CVE-2017-8283
dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source...
CVE-2017-8283
CVE-2017-8283 concerns dpkg-source in dpkg 1.3.0 through 1.18.23, which can invoke a non-GNU patch program and lacks protection for blank-indented diff hunks. This enables remote attackers to perform directory traversal via a crafted Debian source package, demonstrated by using dpkg-source on Net...
CVE-2017-8283
dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source...
Debian DLA-220-1 : dpkg security update
Jann Horn discovered that the source package integrity verification in dpkg-source can be bypassed via a specially crafted Debian source control file .dsc. Note that this flaw only affects extraction of local Debian source packages via dpkg-source but not the installation of packages from the...
DLA-220-1 dpkg - security update
Bulletin has no description...
CVE-2015-0840
The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x before 1.17.25 allows remote attackers to bypass signature verification via a crafted Debian source control file .dsc...
DEBIAN-CVE-2015-0840
The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x before 1.17.25 allows remote attackers to bypass signature verification via a crafted Debian source control file .dsc...
Debian DSA-3217-1 : dpkg - security update
Jann Horn discovered that the source package integrity verification in dpkg-source can be bypassed via a specially crafted Debian source control file .dsc. Note that this flaw only affects extraction of local Debian source packages via dpkg-source but not the installation of packages from the...
CVE-2015-0840
The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x before 1.17.25 allows remote attackers to bypass signature verification via a crafted Debian source control file .dsc...
Debian: Security Advisory (DSA-3217-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...