Lucene search
Ubuntu.comUB:CVE-2009-2946HistorySep 04, 2009 - 12:00 a.m.
CVE-2009-2946
2009-09-0400:00:00
ubuntu.com
ubuntu.com
12
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.003 Low
EPSS
Percentile
65.8%
Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in
devscripts allows remote attackers to execute arbitrary Perl code via
crafted pathnames on distribution servers for upstream source code used in
Debian GNU/Linux packages.
Bugs
- <https://bugs.launchpad.net/ubuntu/+source/devscripts/+bug/414298>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=515209>
Notes
| Author | Note |
|---|---|
| mdeslaur | watch for regression fixed in dsa-1878-2: http://thread.gmane.org/gmane.comp.security.bugtraq/41022 |
| jdstrand | lenny7 should have all fixes |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 6.06 | noarch | devscripts | <ย 2.9.10-0ubuntu0.1 | UNKNOWN |
| ubuntu | 8.04 | noarch | devscripts | <ย 2.10.11ubuntu5.8.04.4 | UNKNOWN |
| ubuntu | 8.10 | noarch | devscripts | <ย 2.10.26ubuntu15.2 | UNKNOWN |
| ubuntu | 9.04 | noarch | devscripts | <ย 2.10.39ubuntu7.1 | UNKNOWN |
Related
debian
debian
[Backports-security-announce] Security update for devscripts
2009-09-11 17:38:31
[Backports-security-announce] Security update for devscripts
2009-09-02 20:22:26
[Backports-security-announce] Security update for devscripts
2009-09-02 20:38:19
nessus
nessus
Ubuntu 6.06 LTS : devscripts vulnerability (USN-847-2)
2009-10-12 00:00:00
Debian DSA-1878-1 : devscripts - missing input sanitation
2010-02-24 00:00:00
Ubuntu 8.04 LTS / 8.10 / 9.04 : devscripts vulnerability (USN-847-1)
2009-10-09 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-1878-1)
2009-09-15 00:00:00
Debian: Security Advisory (DSA-1878-1)
2009-09-09 00:00:00
Ubuntu: Security Advisory (USN-847-1)
2022-08-26 00:00:00
cve
cve
CVE-2009-2946
2009-09-04 20:30:00
securityvulns
securityvulns
[SECURITY] [DSA 1878-1] New devscripts packages fix remote code execution
2009-09-03 00:00:00
devscripts code execution
2009-09-03 00:00:00
prion
prion
Design/Logic Flaw
2009-09-04 20:30:00
seebug
seebug
Debian devscripts่ฝฏไปถๅ
uscan่ฟ็จไปฃ็ ๆง่กๆผๆด
2009-09-16 00:00:00
ubuntu
ubuntu
Devscripts vulnerability
2009-10-08 00:00:00
devscripts vulnerability
2009-10-09 00:00:00
debiancve
debiancve
CVE-2009-2946
2009-09-04 20:30:00
cvelist
cvelist
CVE-2009-2946
2022-10-03 16:24:05
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.003 Low
EPSS
Percentile
65.8%
Related for UB:CVE-2009-2946