61 matches found
[DLA 31-1] reportbug security update
Package : reportbug Version : 4.12.6+deb6u1 CVE ID : CVE-2014-0479 Fix CVE-2014-0479: Arbitrary code execution in compareversions. A man-in-the-middle attacker could put shell metacharacters in the version number, causing execution of code of their choice...
DLA-31-1 reportbug - security update
Bulletin has no description...
DEBIAN-CVE-2014-0479
reportbug before 6.4.4+deb7u1 and 6.5.x before 6.5.0+nmu1 allows remote attackers to execute arbitrary commands via vectors related to compareversions and reportbug/checkversions.py...
CVE-2014-0479
reportbug before 6.4.4+deb7u1 and 6.5.x before 6.5.0+nmu1 allows remote attackers to execute arbitrary commands via vectors related to compareversions and reportbug/checkversions.py...
CVE-2014-0479
reportbug before 6.4.4+deb7u1 and 6.5.x before 6.5.0+nmu1 allows remote attackers to execute arbitrary commands via vectors related to compareversions and reportbug/checkversions.py...
CVE-2014-0479
reportbug before 6.4.4+deb7u1 and 6.5.x before 6.5.0+nmu1 allows remote attackers to execute arbitrary commands via vectors related to compareversions and reportbug/checkversions.py...
UBUNTU-CVE-2014-0479
reportbug before 6.4.4+deb7u1 and 6.5.x before 6.5.0+nmu1 allows remote attackers to execute arbitrary commands via vectors related to compareversions and reportbug/checkversions.py...
Design/Logic Flaw
reportbug before 6.4.4+deb7u1 and 6.5.x before 6.5.0+nmu1 allows remote attackers to execute arbitrary commands via vectors related to compareversions and reportbug/checkversions.py...
CVE-2014-0479
CVE-2014-0479 affects the reportbug tool. Remote code execution is possible via vectors related to compare_versions and reportbug/checkversions.py. Debian fixed in stable at 6.4.4+deb7u1 and in later 6.5.x as 6.5.0+nmu1; other advisories reiterate upgrade to these versions. Affected software is r...
CVE-2014-0479
reportbug before 6.4.4+deb7u1 and 6.5.x before 6.5.0+nmu1 allows remote attackers to execute arbitrary commands via vectors related to compareversions and reportbug/checkversions.py...
CVE-2014-0479
reportbug before 6.4.4+deb7u1 and 6.5.x before 6.5.0+nmu1 allows remote attackers to execute arbitrary commands via vectors related to compareversions and reportbug/checkversions.py...
Debian DSA-2997-1 : reportbug - security update
Jakub Wilk discovered a remote command execution flaw in reportbug, a tool to report bugs in the Debian distribution. A man-in-the-middle attacker could put shell metacharacters in the version number allowing arbitrary code execution with the privileges of the user running reportbug. %NASLMINLEVE...
[SECURITY] [DSA 2997-1] reportbug security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2997-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 05, 2014 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 2997-1 (reportbug - security update)
Jakub Wilk discovered a remote command execution flaw in reportbug, a tool to report bugs in the Debian distribution. A man-in-the-middle attacker could put shell metacharacters in the version number allowing arbitrary code execution with the privileges of the user running reportbug. OpenVAS...
DSA-2997-1 reportbug - security update
Bulletin has no description...
Debian: Security Advisory (DSA-2997-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2008-2230
Untrusted search path vulnerability in 1 reportbug 3.8 and 3.31, and 2 reportbug-ng before 0.2008.06.04, allows local users to execute arbitrary code via a malicious module file in the current working directory...
CVE-2008-2230
Untrusted search path vulnerability in 1 reportbug 3.8 and 3.31, and 2 reportbug-ng before 0.2008.06.04, allows local users to execute arbitrary code via a malicious module file in the current working directory...
Design/Logic Flaw
Untrusted search path vulnerability in 1 reportbug 3.8 and 3.31, and 2 reportbug-ng before 0.2008.06.04, allows local users to execute arbitrary code via a malicious module file in the current working directory...
DEBIAN-CVE-2008-2230
Untrusted search path vulnerability in 1 reportbug 3.8 and 3.31, and 2 reportbug-ng before 0.2008.06.04, allows local users to execute arbitrary code via a malicious module file in the current working directory...