dpkg Source Package - Index: pseudo-header Processing Multiple Local Directory Traversals
| EKU-ID: 43561 | CVE: CVE-2014-3865;OSVDB-107568 | OSVDB-ID: |
| Author: Raphael Geissert | Published: 2014-05-25 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 43561 | CVE: CVE-2014-3865;OSVDB-107568 | OSVDB-ID: |
| Author: Raphael Geissert | Published: 2014-05-25 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/67727/info dpkg is prone to multiple directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues will allow local attackers to modify files outside the destination directory and possibly gain access to the system. dpkg 1.3.0 is vulnerable; other versions may also be affected. ,--- exploit.patch --- Index: index/symlink/index-file @@ -0,0 +1,1 @@ +Escaped `---