CVE-2010-1679 - OpenCVE

Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via directory traversal sequences in a patch for a source-format 3.0 package.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Debian	Dpkg

Configuration 1 [-]

OR	cpe:2.3:a:debian:dpkg::::::::
	cpe:2.3:a:debian:dpkg:1.9.19:::::::*
	cpe:2.3:a:debian:dpkg:1.9.20:::::::*
	cpe:2.3:a:debian:dpkg:1.9.21:::::::*
	cpe:2.3:a:debian:dpkg:1.10:::::::*
	cpe:2.3:a:debian:dpkg:1.10.1:::::::*
	cpe:2.3:a:debian:dpkg:1.10.2:::::::*
	cpe:2.3:a:debian:dpkg:1.10.3:::::::*
	cpe:2.3:a:debian:dpkg:1.10.4:::::::*
	cpe:2.3:a:debian:dpkg:1.10.5:::::::*
	cpe:2.3:a:debian:dpkg:1.10.6:::::::*
	cpe:2.3:a:debian:dpkg:1.10.7:::::::*
	cpe:2.3:a:debian:dpkg:1.10.8:::::::*
	cpe:2.3:a:debian:dpkg:1.10.9:::::::*
	cpe:2.3:a:debian:dpkg:1.10.10:::::::*
	cpe:2.3:a:debian:dpkg:1.10.11:::::::*
	cpe:2.3:a:debian:dpkg:1.10.12:::::::*
	cpe:2.3:a:debian:dpkg:1.10.13:::::::*
	cpe:2.3:a:debian:dpkg:1.10.14:::::::*
	cpe:2.3:a:debian:dpkg:1.10.15:::::::*
	cpe:2.3:a:debian:dpkg:1.10.16:::::::*
	cpe:2.3:a:debian:dpkg:1.10.17:::::::*
	cpe:2.3:a:debian:dpkg:1.10.18:::::::*
	cpe:2.3:a:debian:dpkg:1.10.18.1:::::::*
	cpe:2.3:a:debian:dpkg:1.10.19:::::::*
	cpe:2.3:a:debian:dpkg:1.10.20:::::::*
	cpe:2.3:a:debian:dpkg:1.10.21:::::::*
	cpe:2.3:a:debian:dpkg:1.10.22:::::::*
	cpe:2.3:a:debian:dpkg:1.10.23:::::::*
	cpe:2.3:a:debian:dpkg:1.10.24:::::::*
	cpe:2.3:a:debian:dpkg:1.10.25:::::::*
	cpe:2.3:a:debian:dpkg:1.10.26:::::::*
	cpe:2.3:a:debian:dpkg:1.10.27:::::::*
	cpe:2.3:a:debian:dpkg:1.10.28:::::::*
	cpe:2.3:a:debian:dpkg:1.13.0:::::::*
	cpe:2.3:a:debian:dpkg:1.13.1:::::::*
	cpe:2.3:a:debian:dpkg:1.13.2:::::::*
	cpe:2.3:a:debian:dpkg:1.13.3:::::::*
	cpe:2.3:a:debian:dpkg:1.13.4:::::::*
	cpe:2.3:a:debian:dpkg:1.13.5:::::::*
	cpe:2.3:a:debian:dpkg:1.13.6:::::::*
	cpe:2.3:a:debian:dpkg:1.13.7:::::::*
	cpe:2.3:a:debian:dpkg:1.13.8:::::::*
	cpe:2.3:a:debian:dpkg:1.13.9:::::::*
	cpe:2.3:a:debian:dpkg:1.13.10:::::::*
	cpe:2.3:a:debian:dpkg:1.13.11:::::::*
	cpe:2.3:a:debian:dpkg:1.13.11.1:::::::*
	cpe:2.3:a:debian:dpkg:1.13.12:::::::*
	cpe:2.3:a:debian:dpkg:1.13.13:::::::*
	cpe:2.3:a:debian:dpkg:1.13.14:::::::*
	cpe:2.3:a:debian:dpkg:1.13.15:::::::*
	cpe:2.3:a:debian:dpkg:1.13.16:::::::*
	cpe:2.3:a:debian:dpkg:1.13.17:::::::*
	cpe:2.3:a:debian:dpkg:1.13.18:::::::*
	cpe:2.3:a:debian:dpkg:1.13.19:::::::*
	cpe:2.3:a:debian:dpkg:1.13.20:::::::*
	cpe:2.3:a:debian:dpkg:1.13.21:::::::*
	cpe:2.3:a:debian:dpkg:1.13.22:::::::*
	cpe:2.3:a:debian:dpkg:1.13.23:::::::*
	cpe:2.3:a:debian:dpkg:1.13.24:::::::*
	cpe:2.3:a:debian:dpkg:1.13.25:::::::*
	cpe:2.3:a:debian:dpkg:1.14.0:::::::*
	cpe:2.3:a:debian:dpkg:1.14.1:::::::*
	cpe:2.3:a:debian:dpkg:1.14.2:::::::*
cpe:2.3:a:debian:dpkg:1.14.3:::::::*
cpe:2.3:a:debian:dpkg:1.14.4:::::::*
cpe:2.3:a:debian:dpkg:1.14.5:::::::*
cpe:2.3:a:debian:dpkg:1.14.6:::::::*
cpe:2.3:a:debian:dpkg:1.14.7:::::::*
cpe:2.3:a:debian:dpkg:1.14.8:::::::*
cpe:2.3:a:debian:dpkg:1.14.9:::::::*
cpe:2.3:a:debian:dpkg:1.14.10:::::::*
cpe:2.3:a:debian:dpkg:1.14.11:::::::*
cpe:2.3:a:debian:dpkg:1.14.12:::::::*
cpe:2.3:a:debian:dpkg:1.14.13:::::::*
cpe:2.3:a:debian:dpkg:1.14.14:::::::*
cpe:2.3:a:debian:dpkg:1.14.15:::::::*
cpe:2.3:a:debian:dpkg:1.14.16:::::::*
cpe:2.3:a:debian:dpkg:1.14.16.1:::::::*
cpe:2.3:a:debian:dpkg:1.14.16.2:::::::*
cpe:2.3:a:debian:dpkg:1.14.16.3:::::::*
cpe:2.3:a:debian:dpkg:1.14.16.4:::::::*
cpe:2.3:a:debian:dpkg:1.14.16.5:::::::*
cpe:2.3:a:debian:dpkg:1.14.16.6:::::::*
cpe:2.3:a:debian:dpkg:1.14.17:::::::*
cpe:2.3:a:debian:dpkg:1.14.18:::::::*
cpe:2.3:a:debian:dpkg:1.14.19:::::::*
cpe:2.3:a:debian:dpkg:1.14.20:::::::*
cpe:2.3:a:debian:dpkg:1.14.21:::::::*
cpe:2.3:a:debian:dpkg:1.14.22:::::::*
cpe:2.3:a:debian:dpkg:1.14.23:::::::*
cpe:2.3:a:debian:dpkg:1.14.24:::::::*
cpe:2.3:a:debian:dpkg:1.14.25:::::::*
cpe:2.3:a:debian:dpkg:1.14.26:::::::*
cpe:2.3:a:debian:dpkg:1.14.27:::::::*
cpe:2.3:a:debian:dpkg:1.14.28:::::::*
cpe:2.3:a:debian:dpkg:1.14.29:::::::*

Configuration 2 [-]

OR	cpe:2.3:a:debian:dpkg:1.15.0:::::::*
	cpe:2.3:a:debian:dpkg:1.15.1:::::::*
	cpe:2.3:a:debian:dpkg:1.15.2:::::::*
	cpe:2.3:a:debian:dpkg:1.15.3:::::::*
	cpe:2.3:a:debian:dpkg:1.15.3.1:::::::*
	cpe:2.3:a:debian:dpkg:1.15.4:::::::*
	cpe:2.3:a:debian:dpkg:1.15.4.1:::::::*
	cpe:2.3:a:debian:dpkg:1.15.5:::::::*
	cpe:2.3:a:debian:dpkg:1.15.5.1:::::::*
	cpe:2.3:a:debian:dpkg:1.15.5.2:::::::*
	cpe:2.3:a:debian:dpkg:1.15.5.3:::::::*
	cpe:2.3:a:debian:dpkg:1.15.5.4:::::::*
	cpe:2.3:a:debian:dpkg:1.15.5.5:::::::*
	cpe:2.3:a:debian:dpkg:1.15.5.6:::::::*
	cpe:2.3:a:debian:dpkg:1.15.6:::::::*
	cpe:2.3:a:debian:dpkg:1.15.6.1:::::::*
	cpe:2.3:a:debian:dpkg:1.15.7:::::::*
	cpe:2.3:a:debian:dpkg:1.15.7.1:::::::*
	cpe:2.3:a:debian:dpkg:1.15.7.2:::::::*
	cpe:2.3:a:debian:dpkg:1.15.8:::::::*
	cpe:2.3:a:debian:dpkg:1.15.8.1:::::::*
	cpe:2.3:a:debian:dpkg:1.15.8.2:::::::*
	cpe:2.3:a:debian:dpkg:1.15.8.3:::::::*
	cpe:2.3:a:debian:dpkg:1.15.8.4:::::::*
	cpe:2.3:a:debian:dpkg:1.15.8.5:::::::*
	cpe:2.3:a:debian:dpkg:1.15.8.6:::::::*
	cpe:2.3:a:debian:dpkg:1.15.8.7:::::::*
	cpe:2.3:a:debian:dpkg:1.15.8.8:::::::*

No data.

References

Link	Providers
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053306.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053311.html
http://osvdb.org/70368
http://secunia.com/advisories/42826
http://secunia.com/advisories/42831
http://secunia.com/advisories/43054
http://www.debian.org/security/2011/dsa-2142
http://www.securityfocus.com/bid/45703
http://www.ubuntu.com/usn/USN-1038-1
http://www.vupen.com/english/advisories/2011/0040
http://www.vupen.com/english/advisories/2011/0044
http://www.vupen.com/english/advisories/2011/0196
https://exchange.xforce.ibmcloud.com/vulnerabilities/64615

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2011-01-11T01:00:00

Updated: 2024-08-07T01:35:52.662Z

Reserved: 2010-04-30T00:00:00

Link: CVE-2010-1679

Vulnrichment

No data.

NVD

Status : Modified

Published: 2011-01-11T03:00:01.750

Modified: 2017-08-17T01:32:27.507

Link: CVE-2010-1679

Redhat

No data.

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object