[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-2997-1 reportbug -- reportbug

ID: oval:org.secpod.oval:def:601749Date: (C)2014-08-26   (M)2022-10-10
Class: PATCHFamily: unix




Jakub Wilk discovered a remote command execution flaw in reportbug, a tool to report bugs in the Debian distribution. A man-in-the-middle attacker could put shell metacharacters in the version number allowing arbitrary code execution with the privileges of the user running reportbug.

Platform:
Debian 7.0
Product:
reportbug
Reference:
DSA-2997-1
CVE-2014-0479
CVE    1
CVE-2014-0479
CPE    3
cpe:/a:canonical:reportbug
cpe:/a:canonical:reportbug:6.5.0
cpe:/o:debian:debian_linux:7.x

© SecPod Technologies