header-logo
Suggest Exploit
vendor:
dpkg
by:
SecurityFocus
7,2
CVSS
HIGH
Directory-Traversal
22
CWE
Product Name: dpkg
Affected Version From: 1.3.0
Affected Version To: 1.3.0
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2012

dpkg Directory-Traversal Vulnerabilities

dpkg is prone to multiple directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues will allow local attackers to modify files outside the destination directory and possibly gain access to the system.

Mitigation:

Ensure that user-supplied input is properly sanitized before being used.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/67727/info

dpkg is prone to multiple directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input.

Exploiting these issues will allow local attackers to modify files outside the destination directory and possibly gain access to the system.

dpkg 1.3.0 is vulnerable; other versions may also be affected. 

,--- exploit.patch ---
Index: index/symlink/index-file
@@ -0,0 +1,1 @@
+Escaped
`---

Navigation

Suggest Exploit

Services By CQR