CVE-2013-7050

2013-12-13T00:00:00
ID UB:CVE-2013-7050
Type ubuntucve
Reporter ubuntu.com
Modified 2013-12-13T00:00:00

Description

The get_main_source_dir function in scripts/uscan.pl in devscripts before 2.13.8, when using USCAN_EXCLUSION, allows remote attackers to execute arbitrary commands via shell metacharacters in a directory name.

Bugs

  • <https://bugzilla.redhat.com/show_bug.cgi?id=1040266>
  • <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731849>

Notes

Author| Note
---|---
mdeslaur | introduced in 2.13.5