Ubuntu Security Notice 847-1: Devscripts vulnerability

Article Source Ubuntu Security Notices
October 8, 2009, 2:47 pm

Raphael Geissert discovered that uscan, a part of devscripts, did not properly sanitize its input when processing pathnames. If uscan processed a crafted filename for a file on a remote server, an attacker could execute arbitrary code with the privileges of the user invoking the program…

Read More