Debian devscripts 'uscan' Input Validation Vulnerability
Medium Nessus Network Monitor Plugin ID 5175
SynopsisThe remote host is vulnerable to a remote code execution attack.
DescriptionThe remote host is running a version of devscripts uscan that is potentially affected by a code execution vulnerability. The application runs Perl code downloaded from potentially untrusted sources to implement its URL and version mangling functionality. An attacker could exploit this flaw to execute arbitrary code on the remote host.
SolutionUpgrade to devscripts uscan 2.9.6 / 2.10.35