- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 39207
- Проверка EDB
-
- Пройдено
- Автор
- RAPHAEL GEISSERT
- Тип уязвимости
- LOCAL
- Платформа
- LINUX
- CVE
- cve-2014-3865
- Дата публикации
- 2014-05-25
dpkg Source Package - Index: pseudo-header Processing Multiple Local Directory Traversals
Код:
source: https://www.securityfocus.com/bid/67727/info
dpkg is prone to multiple directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input.
Exploiting these issues will allow local attackers to modify files outside the destination directory and possibly gain access to the system.
dpkg 1.3.0 is vulnerable; other versions may also be affected.
,--- exploit.patch ---
Index: index/symlink/index-file
@@ -0,0 +1,1 @@
+Escaped
`---- Источник
- www.exploit-db.com
