CVE-2009-4013

CWE-22Path Traversal6 documents6 sources
Severity
9.8CRITICAL
EPSS
0.8%
top 25.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Debian LintianCanonical Ubuntu LinuxDebian Debian Linux
Timeline
PublishedFeb 2
Latest updateMay 2

Description

Multiple directory traversal vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to overwrite arbitrary files or obtain sensitive information via vectors involving (1) control field names, (2) control field values, and (3) control files of patch systems.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

NVDdebian/lintian2.0.02.3.2+2
Debianlintian< 2.3.2+3

Also affects: Debian Linux 4.0, 5.0, Ubuntu Linux 6.06, 8.04, 8.10, 9.04, 9.10

Patches

Patch: packages.qa.debian.orgPatch: www.securityfocus.comPatch: packages.qa.debian.org

🔴Vulnerability Details

3
GHSA
GHSA-8fqg-637q-r2qf: Multiple directory traversal vulnerabilities in Lintian 12022-05-02
OSV
CVE-2009-4013: Multiple directory traversal vulnerabilities in Lintian 12010-02-02
CVEList
CVE-2009-4013: Multiple directory traversal vulnerabilities in Lintian 12010-02-02

📋Vendor Advisories

2
Ubuntu
lintian vulnerabilities2010-01-28
Debian
CVE-2009-4013: lintian - Multiple directory traversal vulnerabilities in Lintian 1.23.x through 1.23.28, ...2009