Affected configuration(s):
cpe:/a:devscripts_devel_team:devscripts:2.14.1
Date published: 2014-02-05T13:55:06.363-05:00
Date last modified: 2017-11-07T21:29:00.770-05:00
CVSS Score: 5.0
Principal attack vector: NETWORK
Complexity: LOW
Reference URL: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737160
Summary: Directory traversal vulnerability in uupdate in devscripts 2.14.1 allows remote attackers to modify arbitrary files via a crafted .orig.tar file, related to a symlink.