Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2946

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2009-2946
Last Modified 08 Sep 2009 12:00:00
Published 04 Sep 2009 04:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-2946

Summary

Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages.

Vulnerable Systems

Application

  • Devscripts Devel Team Devscripts


References

DEBIAN - DSA-1878

CONFIRM - http://svn.debian.org/wsvn/devscripts/trunk/scripts/uscan.pl?op=log&rev=0&sc=1&isdir=0

CONFIRM - http://svn.debian.org/wsvn/devscripts/trunk/scripts/uscan.pl?op=diff&rev=1984&sc=1

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=515209


Last Updated: 27 May 2016 10:51:04