Directory Traversal Vulnerabilities in Lintian by Debian
CVE-2009-4013

9.8CRITICAL

Key Information:

Vendor
Debian
Status
Lintian
Vendor
CVE Published:
2 February 2010

Summary

Multiple vulnerabilities exist in Lintian that allow remote attackers to traverse directories improperly, enabling them to overwrite arbitrary files or access sensitive data. This exploitation can occur through manipulation of control field names, values, or files within patch systems, heightening the risks to systems utilizing affected versions of Lintian.

References

http://secunia.com/advisories/38379
third-party-advisoryx_refsource_SECUNIA
http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3...
x_refsource_CONFIRM
http://packages.qa.debian.org/l/lintian/news/20100128T015...
mailing-listx_refsource_MLIST

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.