CVE-2019-3681 – osc: stores downloaded (supposed) RPM in network-controlled filesystem paths
https://notcve.org/view.php?id=CVE-2019-3681
A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP4; openSUSE Leap 15.1, openSUSE Factory allowed remote attackers that can change downloaded packages to overwrite arbitrary files. This issue affects: SUSE Linux Enterprise Module for Development Tools 15 osc versions prior to 0.169.1-3.20.1. SUSE Linux Enterprise Software Development Kit 12-SP5 osc versions prior to 0.162.1-15.9.1. SUSE Linux Enterprise Software Development Kit 12-SP4 osc versions prior to 0.162.1-15.9.1. openSUSE Leap 15.1 osc versions prior to 0.169.1-lp151.2.15.1. openSUSE Factory osc versions prior to 0.169.0 . Una vulnerabilidad de Control Externo de Nombre de Archivo o Ruta en osc de SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP4; openSUSE Leap 15.1, openSUSE Factory, permitió a atacantes remotos que pueden cambiar los paquetes descargados para sobrescribir archivos arbitrarios. • https://bugzilla.suse.com/show_bug.cgi?id=1122675 • CWE-73: External Control of File Name or Path •
CVE-2015-0778
https://notcve.org/view.php?id=CVE-2015-0778
osc before 0.151.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a _service file. osc anterior a 0.151.0 permite a atacantes remotos ejecutar comandos arbitrarios a través de metacaracteres de shell en un archivo _service. • http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154257.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154267.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/154117.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00012.html http://www.securityfocus.com/bid/73114 https://bugzilla.suse.com/show_bug.cgi?id=901643 https://security.gentoo.or • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2012-1095
https://notcve.org/view.php?id=CVE-2012-1095
osc before 0.134 might allow remote OBS repository servers or package maintainers to execute arbitrary commands via a crafted (1) build log or (2) build status that contains an escape sequence for a terminal emulator. osc anterior a 0.134 podría permitir a servidores de repositorios OBS remotos o equipos de mantenimiento de paquetes ejecutar comandos arbitrarios a través del (1) registro o (2) estado de creación manipulados que contienen una secuencia de escape para un emulador de terminal. • http://lists.opensuse.org/opensuse-updates/2012-03/msg00035.html http://www.openwall.com/lists/oss-security/2012/02/28/15 http://www.openwall.com/lists/oss-security/2012/02/28/9 http://www.openwall.com/lists/oss-security/2012/03/02/2 https://bugzilla.novell.com/show_bug.cgi?id=749335 https://bugzilla.redhat.com/show_bug.cgi?id=798353 • CWE-264: Permissions, Privileges, and Access Controls •