Multiple directory traversal vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to overwrite arbitrary files or obtain sensitive information via vectors involving (1) control field names, (2) control field values, and (3) control files of patch systems.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
21 Nov 2024, 01:08
Type | Values Removed | Values Added |
---|---|---|
References | () http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=c8d01f062b3e5137cf65196760b079a855c75e00 - Broken Link | |
References | () http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=fbe0c92b2ef7e360d13414bf40d6af5507d0c86d - Broken Link | |
References | () http://packages.debian.org/changelogs/pool/main/l/lintian/lintian_2.3.2/changelog - Broken Link | |
References | () http://packages.qa.debian.org/l/lintian/news/20100128T015554Z.html - Mailing List, Patch | |
References | () http://secunia.com/advisories/38375 - Broken Link, Vendor Advisory | |
References | () http://secunia.com/advisories/38379 - Broken Link, Vendor Advisory | |
References | () http://www.debian.org/security/2010/dsa-1979 - Third Party Advisory | |
References | () http://www.securityfocus.com/bid/37975 - Broken Link, Patch, Third Party Advisory, VDB Entry | |
References | () http://www.ubuntu.com/usn/USN-891-1 - Third Party Advisory |
26 Jan 2024, 17:44
Type | Values Removed | Values Added |
---|---|---|
First Time |
Canonical
Debian debian Linux Canonical ubuntu Linux |
|
CPE | cpe:2.3:a:debian:lintian:1.23.4:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.2.3:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.2.12:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.0:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.1.4:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.28:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.23:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.19:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.13:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.2.18:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.3:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.1.0:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.3.1:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.24.1:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.2.0:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.2.10:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.2.5:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.2.9:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.2:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.24.0:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.16:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.11:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.1.6:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.2.2:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.2.1:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.26:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.1.3:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.2.15:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.2.14:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.3.0:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.2.6:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.22:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.15:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.0-rc1:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.2.11:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.2.13:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.12:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.17:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.5:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.2.4:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.0-rc2:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.1.5:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.2.7:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.27:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.1.1:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.9:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.10:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.6:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.8:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.18:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.24:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.1.2:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.25:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.20:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.24.2:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.2.16:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:2.2.8:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.14:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:1.23.1:*:*:*:*:*:*:* |
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:* cpe:2.3:a:debian:lintian:*:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:* |
References | (BID) http://www.securityfocus.com/bid/37975 - Broken Link, Patch, Third Party Advisory, VDB Entry | |
References | (MLIST) http://packages.qa.debian.org/l/lintian/news/20100128T015554Z.html - Mailing List, Patch | |
References | (DEBIAN) http://www.debian.org/security/2010/dsa-1979 - Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/38379 - Broken Link, Vendor Advisory | |
References | (UBUNTU) http://www.ubuntu.com/usn/USN-891-1 - Third Party Advisory | |
References | (CONFIRM) http://packages.debian.org/changelogs/pool/main/l/lintian/lintian_2.3.2/changelog - Broken Link | |
References | () http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=fbe0c92b2ef7e360d13414bf40d6af5507d0c86d - Broken Link | |
References | () http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=c8d01f062b3e5137cf65196760b079a855c75e00 - Broken Link | |
References | (SECUNIA) http://secunia.com/advisories/38375 - Broken Link, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
07 Nov 2023, 02:04
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2010-02-02 16:30
Updated : 2024-11-21 01:08
NVD link : CVE-2009-4013
Mitre link : CVE-2009-4013
CVE.ORG link : CVE-2009-4013
JSON object : View
Products Affected
debian
- debian_linux
- lintian
canonical
- ubuntu_linux
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')