CVE-2009-4015

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2009-4015
Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allows remote attackers to execute arbitrary commands via shell metacharacters in filename arguments.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=c8d01f062b3e5137cf65196760b079a855c75e00
http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=fbe0c92b2ef7e360d13414bf40d6af5507d0c86d
http://packages.debian.org/changelogs/pool/main/l/lintian/lintian_2.3.2/changelog
http://packages.qa.debian.org/l/lintian/news/20100128T015554Z.html
http://secunia.com/advisories/38375 Vendor Advisory
http://secunia.com/advisories/38379 Vendor Advisory
http://www.debian.org/security/2010/dsa-1979 Vendor Advisory
http://www.securityfocus.com/bid/37975 Patch
http://www.ubuntu.com/usn/USN-891-1
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:debian:lintian:1.23.0:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.2:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.3:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.4:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.5:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.6:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.7:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.8:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.9:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.10:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.11:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.12:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.13:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.14:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.15:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.16:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.17:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.18:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.19:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.20:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.22:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.23:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.24:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.25:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.26:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.27:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.23.28:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.24.0:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.24.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:1.24.2:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.0-rc1:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.0-rc2:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.1.4:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.1.5:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.1.6:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.2.6:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.2.7:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.2.8:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.2.9:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.2.10:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.2.11:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.2.12:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.2.13:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.2.14:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.2.15:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.2.16:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.2.18:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:debian:lintian:2.3.1:*:*:*:*:*:*:*
History

07 Nov 2023, 02:04

Type Values Removed Values Added
References
  • {'url': 'http://git.debian.org/?p=lintian/lintian.git;a=commit;h=fbe0c92b2ef7e360d13414bf40d6af5507d0c86d', 'name': 'http://git.debian.org/?p=lintian/lintian.git;a=commit;h=fbe0c92b2ef7e360d13414bf40d6af5507d0c86d', 'tags': [], 'refsource': 'CONFIRM'}
  • {'url': 'http://git.debian.org/?p=lintian/lintian.git;a=commit;h=c8d01f062b3e5137cf65196760b079a855c75e00', 'name': 'http://git.debian.org/?p=lintian/lintian.git;a=commit;h=c8d01f062b3e5137cf65196760b079a855c75e00', 'tags': [], 'refsource': 'CONFIRM'}
  • () http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=fbe0c92b2ef7e360d13414bf40d6af5507d0c86d -
  • () http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=c8d01f062b3e5137cf65196760b079a855c75e00 -
Information

Published : 2010-02-02 16:30

Updated : 2023-12-10 11:03

NVD link : CVE-2009-4015

Mitre link : CVE-2009-4015

CVE.ORG link : CVE-2009-4015

JSON object : View

Products Affected

debian

  • lintian
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')