Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-2142-1
HistoryJan 06, 2011 - 12:00 a.m.

dpkg - directory traversal

2011-01-0600:00:00
Google
osv.dev
16

EPSS

0.02

Percentile

88.8%

JSON

Jakub Wilk discovered that the dpkg-source component of dpkg, the Debian
package management system, doesn’t correctly handle paths in patches of
source packages, which could make it traverse directories.
Raphaël Hertzog additionally discovered that symbolic links in the .pc
directory are followed, which could make it traverse directories too.

Both issues only affect source packages using the “3.0 quilt” format at
unpack-time.

For the stable distribution (lenny), these problems have been fixed in
version 1.14.31.

For the testing (squeeze) and unstable distributions (sid),
these problems will be fixed soon.

We recommend that you upgrade your dpkg packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Related

openvas 7
nessus 6
fedora 2
prion 3
debiancve 3
debian 1
cve 3
cvelist 3
nvd 3
ubuntu 1
ubuntucve 3
securityvulns 2
openvas
openvas
Fedora Update for dpkg FEDORA-2011-0362
2011-01-24 00:00:00
Fedora Update for dpkg FEDORA-2011-0345
2011-01-24 00:00:00
Fedora Update for dpkg FEDORA-2011-0362
2011-01-24 00:00:00
nessus
nessus
Fedora 14 : dpkg-1.15.5.6-6.fc14 (2011-0362)
2011-01-24 00:00:00
Ubuntu 9.10 / 10.04 LTS / 10.10 : dpkg vulnerability (USN-1038-1)
2011-01-07 00:00:00
Fedora 13 : dpkg-1.15.5.6-6.fc13 (2011-0345)
2011-01-24 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: dpkg-1.15.5.6-6.fc13
2011-01-21 22:54:22
[SECURITY] Fedora 14 Update: dpkg-1.15.5.6-6.fc14
2011-01-21 22:53:12
prion
prion
Directory traversal
2011-01-11 03:00:00
Directory traversal
2011-01-11 03:00:00
Directory traversal
2011-03-11 22:55:00
debiancve
debiancve
CVE-2011-0402
2011-01-11 03:00:05
CVE-2010-1679
2011-01-11 03:00:01
CVE-2010-4651
2011-03-11 22:55:02
debian
debian
[SECURITY] [DSA-2142-1] New dpkg packages fix directory traversal
2011-01-06 18:20:14
cve
cve
CVE-2011-0402
2011-01-11 03:00:05
CVE-2010-1679
2011-01-11 03:00:01
CVE-2010-4651
2011-03-11 22:55:02
cvelist
cvelist
CVE-2011-0402
2011-01-11 01:00:00
CVE-2010-1679
2011-01-11 01:00:00
CVE-2010-4651
2011-03-11 22:00:00
nvd
nvd
CVE-2010-1679
2011-01-11 03:00:01
CVE-2011-0402
2011-01-11 03:00:05
CVE-2010-4651
2011-03-11 22:55:02
ubuntu
ubuntu
dpkg vulnerability
2011-01-06 00:00:00
ubuntucve
ubuntucve
CVE-2011-0402
2011-01-11 00:00:00
CVE-2010-1679
2011-01-06 00:00:00
CVE-2010-4651
2011-03-11 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA-2142-1] New dpkg packages fix directory traversal
2011-01-07 00:00:00
dpkg directory traversal
2011-01-07 00:00:00

EPSS

0.02

Percentile

88.8%

JSON
Related for OSV:DSA-2142-1
openvas7nessus6fedora2prion3debiancve3debian1cve3cvelist3nvd3ubuntu1ubuntucve3securityvulns2