13 lines
No EOL
482 B
Text
13 lines
No EOL
482 B
Text
source: http://www.securityfocus.com/bid/67727/info
|
|
|
|
dpkg is prone to multiple directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input.
|
|
|
|
Exploiting these issues will allow local attackers to modify files outside the destination directory and possibly gain access to the system.
|
|
|
|
dpkg 1.3.0 is vulnerable; other versions may also be affected.
|
|
|
|
,--- exploit.patch ---
|
|
Index: index/symlink/index-file
|
|
@@ -0,0 +1,1 @@
|
|
+Escaped
|
|
`--- |