Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Debian devscripts 'uscan' Input Validation Vulnerability

Medium

Synopsis

The remote host is vulnerable to a remote code execution attack.

Description

The remote host is running a version of devscripts uscan that is potentially affected by a code execution vulnerability. The application runs Perl code downloaded from potentially untrusted sources to implement its URL and version mangling functionality. An attacker could exploit this flaw to execute arbitrary code on the remote host.

Solution

Upgrade to devscripts uscan 2.9.6 / 2.10.35