CVE-2011-0402
dpkg < 1.14.31 - Arbitrary File Modification via Symlink Attack in .pc Directory
Title source: llmDescription
dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via a symlink attack on unspecified files in the .pc directory.
References (13)
Core 13
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/42831
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053311.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/64614
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/42826
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053306.html
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1038-1
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/70367
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0040
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/45703
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2011/dsa-2142
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/43054
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0044
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0196
Scores
EPSS
0.0287
EPSS Percentile
85.0%
Details
CWE
CWE-59
Status
published
Products (50)
debian/dpkg
1.9.19
debian/dpkg
1.9.20
debian/dpkg
1.9.21
debian/dpkg
1.10
debian/dpkg
1.10.1
debian/dpkg
1.10.2
debian/dpkg
1.10.3
debian/dpkg
1.10.4
debian/dpkg
1.10.5
debian/dpkg
1.10.6
... and 40 more
Published
Jan 11, 2011
Tracked Since
Feb 18, 2026