Published: 30/04/2014 Updated: 16/10/2015

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Directory traversal vulnerability in the unpacking functionality in dpkg prior to 1.15.9, 1.16.x prior to 1.16.13, and 1.17.x prior to 1.17.8 allows remote malicious users to write arbitrary files via a crafted source package, related to "C-style filename quoting."

Vulnerable Product	Search on Vulmon	Subscribe to Product
canonical ubuntu linux 10.04
debian dpkg 1.10.11
debian dpkg 1.10.13
debian dpkg 1.10.19
debian dpkg 1.10.20
debian dpkg 1.10.25
debian dpkg 1.10.27
debian dpkg 1.10.8
debian dpkg 1.13.0
debian dpkg 1.13.14
debian dpkg 1.13.16
debian dpkg 1.13.20
debian dpkg 1.13.22
debian dpkg 1.13.6
debian dpkg 1.13.8
debian dpkg 1.14.13
debian dpkg 1.14.15
debian dpkg 1.14.16.4
debian dpkg 1.14.16.6
debian dpkg 1.14.22
debian dpkg 1.14.24
debian dpkg 1.14.30
debian dpkg 1.14.5
debian dpkg 1.15.0
debian dpkg 1.15.2
debian dpkg 1.15.5.2
debian dpkg 1.15.5.4
debian dpkg 1.15.7.2
debian dpkg 1.15.8.1
debian dpkg 1.15.8.6
debian dpkg
debian dpkg 1.9.9
debian dpkg 1.9.11
debian dpkg 1.9.18
debian dpkg 1.9.20
debian dpkg 1.17.4
debian dpkg 1.17.2
debian dpkg 1.17.0
debian dpkg 1.16.8
debian dpkg 1.16.6
debian dpkg 1.16.2
debian dpkg 1.16.1.1
debian dpkg 1.16.0
canonical ubuntu linux 12.10
canonical ubuntu linux 13.10
canonical ubuntu linux 14.04
debian dpkg 1.10
debian dpkg 1.10.21
debian dpkg 1.10.22
debian dpkg 1.10.23
debian dpkg 1.10.24
debian dpkg 1.13.10
debian dpkg 1.13.11
debian dpkg 1.13.11.1
debian dpkg 1.13.12
debian dpkg 1.13.24
debian dpkg 1.13.25
debian dpkg 1.13.3
debian dpkg 1.13.4
debian dpkg 1.14.16
debian dpkg 1.14.16.1
debian dpkg 1.14.16.2
debian dpkg 1.14.16.3
debian dpkg 1.14.26
debian dpkg 1.14.27
debian dpkg 1.14.28
debian dpkg 1.14.29
debian dpkg 1.15.3.1
debian dpkg 1.15.4
debian dpkg 1.15.4.1
debian dpkg 1.15.5
debian dpkg 1.15.5.1
debian dpkg 1.15.8.2
debian dpkg 1.15.8.3
debian dpkg 1.15.8.4
debian dpkg 1.15.8.5
debian dpkg 1.9.13
debian dpkg 1.9.14
debian dpkg 1.9.15
debian dpkg 1.9.16
debian dpkg 1.16.12
debian dpkg 1.16.11
debian dpkg 1.16.10
debian dpkg 1.16.9
debian dpkg 1.16.1
debian dpkg 1.16.0.3
debian dpkg 1.16.0.2
debian dpkg 1.16.0.1
debian dpkg 1.10.14
debian dpkg 1.10.15
debian dpkg 1.10.16
debian dpkg 1.10.17
debian dpkg 1.10.18
debian dpkg 1.10.3
debian dpkg 1.10.4
debian dpkg 1.10.5
debian dpkg 1.10.6
debian dpkg 1.13.17
debian dpkg 1.13.18
debian dpkg 1.13.19
debian dpkg 1.13.2
debian dpkg 1.14.0
debian dpkg 1.14.1
debian dpkg 1.14.10
debian dpkg 1.14.11
debian dpkg 1.14.18
debian dpkg 1.14.19
debian dpkg 1.14.2
debian dpkg 1.14.20
debian dpkg 1.14.21
debian dpkg 1.14.6
debian dpkg 1.14.7
debian dpkg 1.14.8
debian dpkg 1.14.9
debian dpkg 1.15.5.6
debian dpkg 1.15.6
debian dpkg 1.15.6.1
debian dpkg 1.15.7
debian dpkg 1.9.2
debian dpkg 1.9.3
debian dpkg 1.15.8.9
debian dpkg 1.9.7
debian dpkg 1.9.8
debian dpkg 1.9.21
debian dpkg 1.17.7
debian dpkg 1.17.6
debian dpkg 1.17.5
debian dpkg 1.16.4.3
debian dpkg 1.16.4.2
debian dpkg 1.16.4.1
debian dpkg 1.16.4
canonical ubuntu linux 12.04
debian dpkg 1.10.1
debian dpkg 1.10.12
debian dpkg 1.10.18.1
debian dpkg 1.10.2
debian dpkg 1.10.26
debian dpkg 1.10.28
debian dpkg 1.10.7
debian dpkg 1.10.9
debian dpkg 1.13.1
debian dpkg 1.13.13
debian dpkg 1.13.15
debian dpkg 1.13.21
debian dpkg 1.13.23
debian dpkg 1.13.5
debian dpkg 1.13.7
debian dpkg 1.13.9
debian dpkg 1.14.12
debian dpkg 1.14.14
debian dpkg 1.14.16.5
debian dpkg 1.14.17
debian dpkg 1.14.23
debian dpkg 1.14.25
debian dpkg 1.14.3
debian dpkg 1.14.4
debian dpkg 1.15.1
debian dpkg 1.15.3
debian dpkg 1.15.5.3
debian dpkg 1.15.5.5
debian dpkg 1.15.7.1
debian dpkg 1.15.8
debian dpkg 1.15.8.7
debian dpkg 1.9.1
debian dpkg 1.9.10
debian dpkg 1.9.12
debian dpkg 1.9.17
debian dpkg 1.9.19
debian dpkg 1.17.3
debian dpkg 1.17.1
debian dpkg 1.16.7
debian dpkg 1.16.5
debian dpkg 1.16.3
debian dpkg 1.16.1.2

Debian Bug report logs - #746498 dpkg-source: Directory traversal on unpack through missing --- header line Package: dpkg-dev; Maintainer for dpkg-dev is Dpkg Developers <debian-dpkg@listsdebianorg>; Source for dpkg-dev is src:dpkg (PTS, buildd, popcon) Reported by: javier--7C8FrOsBhwV6hRgYM4mLHJBYcgPTm9@jaspnet Date: W ...

Debian Bug report logs - #749183 dpkg-source: Directory traversal on unpack through Index: pseudo-header Package: dpkg-dev; Maintainer for dpkg-dev is Dpkg Developers <debian-dpkg@listsdebianorg>; Source for dpkg-dev is src:dpkg (PTS, buildd, popcon) Reported by: Guillem Jover <guillem@debianorg> Date: Sat, 24 May ...

A malicious source package could write files outside the unpack directory ...

Jakub Wilk discovered that dpkg did not correctly parse C-style filename quoting, allowing for paths to be traversed when unpacking a source package - leading to the creation of files outside the directory of the source being unpacked The update to the stable distribution (wheezy) incorporates non-security changes that were targeted for the point ...

CWE-22 http://www.debian.org/security/2014/dsa-2915 http://www.ubuntu.com/usn/USN-2183-1 http://www.securityfocus.com/bid/67106 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746498 https://usn.ubuntu.com/2183-2/

Get Started

CVE-2014-0471

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect