CVE-2014-1833

devscripts <2.14.1 - Path Traversal

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in uupdate in devscripts 2.14.1 allows remote attackers to modify arbitrary files via a crafted .orig.tar file, related to a symlink.

References (8)

Core 8
Core References
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2014/01/31/11
Vendor Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1059947
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/65260
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/90842
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2014/01/31/7
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2649-1
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/102748

Scores

EPSS 0.0373
EPSS Percentile 88.5%

Details

CWE
CWE-22
Status published
Products (1)
devscripts_devel_team/devscripts 2.14.1
Published Feb 05, 2014
Tracked Since Feb 18, 2026