Arbitrary Command Execution Vulnerability in Lintian by Debian
CVE-2009-4015

Currently unrated

Key Information:

Vendor: Debian
Status: Lintian
Vendor: CVE Published:; 2 February 2010

Summary

The Lintian tool versions 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x prior to 2.3.2 are susceptible to an arbitrary command execution vulnerability. This flaw enables remote attackers to exploit shell metacharacters present in filename arguments, potentially executing arbitrary commands on the affected systems. Users and administrators are encouraged to upgrade their Lintian installations to mitigate this risk and enhance security.

References

http://secunia.com/advisories/38379

third-party-advisoryx_refsource_SECUNIA

http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3...

x_refsource_CONFIRM

http://packages.qa.debian.org/l/lintian/news/20100128T015...

mailing-listx_refsource_MLIST

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Feb 2, 2010