Summary
Detail | |||
---|---|---|---|
Vendor | Devscripts Devel Team | First view | 2012-09-30 |
Product | Devscripts | Last view | 2017-09-25 |
Version | 2.11.9 | Type | Application |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:devscripts_devel_team:devscripts |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.8 | 2017-09-25 | CVE-2015-5704 | scripts/licensecheck.pl in devscripts before 2.15.7 allows local users to execute arbitrary shell commands. |
7.5 | 2017-09-06 | CVE-2015-5705 | Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to arbitrary files via a crafted symlink and crafted filename. |
7.5 | 2014-01-07 | CVE-2013-6888 | Uscan in devscripts before 2.13.9 allows remote attackers to execute arbitrary code via a crafted tarball. |
6.8 | 2013-12-13 | CVE-2013-7050 | The get_main_source_dir function in scripts/uscan.pl in devscripts before 2.13.8, when using USCAN_EXCLUSION, allows remote attackers to execute arbitrary commands via shell metacharacters in a directory name. |
1.2 | 2012-09-30 | CVE-2012-3500 | scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows local users to modify arbitrary files via a symlink attack on the temporary (1) standard output or (2) standard error output file. |
5 | 2012-09-30 | CVE-2012-2241 | scripts/dget.pl in devscripts before 2.12.3 allows remote attackers to delete arbitrary files via a crafted (1) .dsc or (2) .changes file, probably related to a NULL byte in a filename. |
7.5 | 2012-09-30 | CVE-2012-2240 | scripts/dscverify.pl in devscripts before 2.12.3 allows remote attackers to execute arbitrary commands via unspecified vectors related to "arguments to external commands." |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
33% (2) | CWE-20 | Improper Input Validation |
16% (1) | CWE-362 | Race Condition |
16% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
16% (1) | CWE-77 | Improper Sanitization of Special Elements used in a Command ('Comma... |
16% (1) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
OpenVAS Exploits
id | Description |
---|---|
2012-10-03 | Name : Ubuntu Update for devscripts USN-1593-1 File : nvt/gb_ubuntu_USN_1593_1.nasl |
2012-09-19 | Name : Debian Security Advisory DSA 2549-1 (devscripts) File : nvt/deb_2549_1.nasl |
2012-09-17 | Name : Fedora Update for rpmdevtools FEDORA-2012-13234 File : nvt/gb_fedora_2012_13234_rpmdevtools_fc17.nasl |
2012-09-17 | Name : Fedora Update for rpmdevtools FEDORA-2012-13263 File : nvt/gb_fedora_2012_13263_rpmdevtools_fc16.nasl |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2015-08-13 | Name: The remote Fedora host is missing a security update. File: fedora_2015-12699.nasl - Type: ACT_GATHER_INFO |
2015-08-13 | Name: The remote Fedora host is missing a security update. File: fedora_2015-12716.nasl - Type: ACT_GATHER_INFO |
2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2012-757.nasl - Type: ACT_GATHER_INFO |
2014-01-22 | Name: The remote Ubuntu host is missing a security-related patch. File: ubuntu_USN-2084-1.nasl - Type: ACT_GATHER_INFO |
2014-01-06 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-2836.nasl - Type: ACT_GATHER_INFO |
2013-12-23 | Name: The remote Fedora host is missing a security update. File: fedora_2013-23192.nasl - Type: ACT_GATHER_INFO |
2013-04-20 | Name: The remote Mandriva Linux host is missing a security update. File: mandriva_MDVSA-2013-123.nasl - Type: ACT_GATHER_INFO |
2012-10-03 | Name: The remote Ubuntu host is missing a security-related patch. File: ubuntu_USN-1593-1.nasl - Type: ACT_GATHER_INFO |
2012-09-18 | Name: The remote Fedora host is missing a security update. File: fedora_2012-13208.nasl - Type: ACT_GATHER_INFO |
2012-09-17 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-2549.nasl - Type: ACT_GATHER_INFO |
2012-09-12 | Name: The remote Fedora host is missing a security update. File: fedora_2012-13234.nasl - Type: ACT_GATHER_INFO |
2012-09-12 | Name: The remote Fedora host is missing a security update. File: fedora_2012-13263.nasl - Type: ACT_GATHER_INFO |