Lucene search
GoogleOSV:DSA-2011-1HistoryMar 10, 2010 - 12:00 a.m.
dpkg - path traversal
2010-03-1000:00:00
Google
osv.dev
16
EPSS
0.003
Percentile
70.3%
William Grant discovered that the dpkg-source component of dpkg, the
low-level infrastructure for handling the installation and removal of
Debian software packages, is vulnerable to path traversal attacks.
A specially crafted Debian source package can lead to file modification
outside of the destination directory when extracting the package content.
For the stable distribution (lenny), this problem has been fixed in
version 1.14.29.
For the testing (squeeze) and unstable (sid) distribution this problem
will be fixed soon.
We recommend that you upgrade your dpkg packages.
References
Related
nessus
nessus
Debian DSA-2011-1 : dpkg - path traversal
2010-03-11 00:00:00
Fedora 12 : dpkg-1.15.5.6-4.fc12 (2010-4371)
2010-07-01 00:00:00
Fedora 13 : dpkg-1.15.5.6-4.fc13 (2010-4410)
2010-07-01 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2011-1] New dpkg packages fix path traversal
2010-03-11 00:00:00
dpkg directory traversal
2011-01-07 00:00:00
openvas
openvas
Fedora Update for dpkg FEDORA-2010-4371
2010-03-22 00:00:00
Fedora Update for dpkg FEDORA-2010-4344
2010-03-22 00:00:00
Ubuntu: Security Advisory (USN-909-1)
2010-03-12 00:00:00
prion
prion
Directory traversal
2010-03-15 13:28:00
ubuntucve
ubuntucve
CVE-2010-0396
2010-03-11 00:00:00
nvd
nvd
CVE-2010-0396
2010-03-15 13:28:25
ubuntu
ubuntu
dpkg vulnerability
2010-03-11 00:00:00
cve
cve
CVE-2010-0396
2010-03-15 13:28:25
fedora
fedora
[SECURITY] Fedora 11 Update: dpkg-1.15.5.6-4.fc11
2010-03-20 03:38:45
[SECURITY] Fedora 12 Update: dpkg-1.15.5.6-4.fc12
2010-03-20 03:48:55
[SECURITY] Fedora 13 Update: dpkg-1.15.5.6-4.fc13
2010-03-20 03:42:53
debiancve
debiancve
CVE-2010-0396
2010-03-15 13:28:25
debian
debian
[SECURITY] [DSA 2011-1] New dpkg packages fix path traversal
2010-03-10 20:48:44
cvelist
cvelist
CVE-2010-0396
2010-03-12 20:00:00