Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
dpkg 1.15.9, 1.16.x before 1.16.14, and 1.17.x before 1.17.9 expect the patch program to be compliant with a need for the "C-style encoded filenames" feature, but is supported in environments with noncompliant patch programs, which triggers an interaction error that allows remote attackers to conduct directory traversal attacks and modify files outside of the intended directories via a crafted source package. NOTE: this vulnerability exists because of reliance on unrealistic constraints on the behavior of an external program.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
dpkg 路径遍历漏洞
Vulnerability Description
dpkg是美国软件开发者伊恩-默多克(Ian Murdock)所研发的一款Debian软件包管理器。 dpkg中存在安全漏洞。远程攻击者可借助特制的源码包利用该漏洞实施目录遍历攻击,修改既定的目录外的文件。以下版本受到影响:dpkg 1.15.9,1.16.14之前的1.16.x版本,1.17.9之前的1.17.x版本。
CVSS Information
N/A
Vulnerability Type
N/A