Page 3 of 15 results (0.007 seconds)

CVSS: 6.8EPSS: 0%CPEs: 74EXPL: 0

scripts/dget.pl in devscripts before 2.10.73 allows remote attackers to execute arbitrary commands via a crafted (1) .dsc or (2) .changes file, related to "arguments to external commands" that are not properly escaped, a different vulnerability than CVE-2012-2240. scripts/dget.pl en devscripts anterior a v2.10.73 permite a atacantes remotos ejecutar comandos arbitrarios mediante un fichero (1) .dsc o (2) .changes manipulado, relacionado con "argumentos a comandos externos" que no son escapados correctamente. Una vulnerabilidad diferente a CVE-2012-2240. • http://secunia.com/advisories/50600 http://www.debian.org/security/2012/dsa-2549 http://www.securityfocus.com/bid/55564 http://www.ubuntu.com/usn/USN-1593-1 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 91EXPL: 0

scripts/dscverify.pl in devscripts before 2.12.3 allows remote attackers to execute arbitrary commands via unspecified vectors related to "arguments to external commands." scripts/dscverify.pl en devscripts anterior a v2.12.3 permite a atacantes remotos ejecutar comandos arbitarios mediante vectores no especificados relacionados con "argumentos a comandos externos" • http://secunia.com/advisories/50600 http://www.debian.org/security/2012/dsa-2549 http://www.securityfocus.com/bid/55564 http://www.ubuntu.com/usn/USN-1593-1 • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 6%CPEs: 70EXPL: 0

debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via a crafted tarball file name in the top-level directory of an original (.orig) source tarball of a source package. debdiff.pl de devscripts 2.10.x anteriores a 2.10.69 y 2.11.x anteriores a 2.11.4 permite a atacantes remotos ejecutar código arbitrario a través de un nombre de archivo tarball modificado en el directorio de mayor nivel de un tarball fuente original (.orig) de un paquete fuente. • http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git%3Ba=commitdiff%3Bh=87f88232eb643f0c118c6ba38db8e966915b450f http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git%3Ba=commitdiff%3Bh=9cbe605d3eab4f9e67525f69b676c55b273b7a03 http://secunia.com/advisories/47955 http://secunia.com/advisories/48039 http://ubuntu.com/usn/usn-1366-1 http://www.debian.org/security/2012/dsa-2409 http://www.osvdb.org/79320 http://www.securityfocus.com/bid/52029 https://exchange.xforce.ibmcloud.com/vulnerabilities&#x • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 6%CPEs: 70EXPL: 0

debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to obtain system information and execute arbitrary code via the file name in a (1) .dsc or (2) .changes file. debdiff.pl de devscripts 2.10.x anteriores a 2.10.69 y 2.11.x anteriores a 2.11.4 permite a atacantes remotos obtener información del sistema y ejecutar código arbitrario a través de un nombre de fichero en un archivo (1) .dsc o (2) .changes. • http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git%3Ba=commitdiff%3Bh=797ddc961532eb0aeb46153e3f28c8e9ea0500d2 http://secunia.com/advisories/47955 http://secunia.com/advisories/48039 http://ubuntu.com/usn/usn-1366-1 http://www.debian.org/security/2012/dsa-2409 http://www.osvdb.org/79319 http://www.securityfocus.com/bid/52029 https://exchange.xforce.ibmcloud.com/vulnerabilities/73215 • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 6%CPEs: 70EXPL: 0

debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via shell metacharacters in the file name argument. debdiff.pl de devscripts 2.10.x anteriores a 2.10.69 y 2.11.x anteriores a 2.11.4 permite a atacantes remotos ejecutar código arbitrario a través de meta-caracteres de shell en el argumento de nombre de fichero. • http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git%3Ba=commitdiff%3Bh=9cbe605d3eab4f9e67525f69b676c55b273b7a03 http://secunia.com/advisories/47955 http://secunia.com/advisories/48039 http://ubuntu.com/usn/usn-1366-1 http://www.debian.org/security/2012/dsa-2409 http://www.osvdb.org/79322 http://www.securityfocus.com/bid/52029 http://www.ubuntu.com/usn/USN-1593-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/73217 • CWE-20: Improper Input Validation •