|Debian Lintian多个本地安全漏洞 - VULHUB开源网络安全威胁库

Debian Lintian多个本地安全漏洞

- AV AC AU C I A

发布： 2025-04-13

修订： 2025-04-13

Bugraq ID: 37975 CVE ID：CVE-2009-4013 CVE-2009-4014 CVE-2009-4015 Debian Lintian是一款软件包检查程序。 Debian Lintian存在多个安全漏洞，本地攻击者可以利用这些漏洞执行任意代码或者提升特权或获得敏感信息。 CVE-2009-4013：控制文件过滤缺失 CNCVE ID：CNCVE-20094013 CNCVE-20094014 CNCVE-20094015 CNCVE-20094013 控制字段名称和值在使用前没有充分过滤，在部分操作下可导致目录遍历。 Patch systems控制文件在使用前没有充分过滤，在部分操作下可导致目录遍历。攻击者可以利用这些漏洞覆盖任意文件或泄漏系统信息。 CVE-2009-4014:格式字符串漏洞 CNCVE ID：CNCVE-20094013 CNCVE-20094014 CNCVE-20094015 CNCVE-20094013 CNCVE-20094014 多个检查脚本和Lintian::Schedule模块使用用户提供的输入作为sprintf/printf格式串参数。 CVE-2009-4015:任意命令执行 CNCVE ID：CNCVE-20094013 CNCVE-20094014 CNCVE-20094015 CNCVE-20094013 CNCVE-20094014 CNCVE-20094015 文件名没有充分过滤就直接传递给部分命令作参数，允许以管道或SHELL命令集执行其他命令。 Debian lintian Debian linux用户可参考如下升级程序： Debian Linux 4.0 amd64 Debian lintian_1.23.28+etch1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.23.28 +etch1_all.deb Debian Linux 4.0 ia-32 Debian lintian_1.23.28+etch1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.23.28 +etch1_all.deb Debian Linux 4.0 arm Debian lintian_1.23.28+etch1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.23.28 +etch1_all.deb Debian Linux 5.0 hppa Debian lintian_1.24.2.1+lenny1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.24.2. 1+lenny1_all.deb Debian Linux 5.0 ia-64 Debian lintian_1.24.2.1+lenny1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.24.2. 1+lenny1_all.deb Debian Linux 4.0 hppa Debian lintian_1.23.28+etch1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.23.28 +etch1_all.deb Debian Linux 4.0 sparc Debian lintian_1.23.28+etch1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.23.28 +etch1_all.deb Debian Linux 4.0 s/390 Debian lintian_1.23.28+etch1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.23.28 +etch1_all.deb Debian Linux 5.0 m68k Debian lintian_1.24.2.1+lenny1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.24.2. 1+lenny1_all.deb Debian Linux 5.0 arm Debian lintian_1.24.2.1+lenny1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.24.2. 1+lenny1_all.deb Debian Linux 4.0 powerpc Debian lintian_1.23.28+etch1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.23.28 +etch1_all.deb Debian Linux 4.0 alpha Debian lintian_1.23.28+etch1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.23.28 +etch1_all.deb Debian Linux 4.0 armel Debian lintian_1.23.28+etch1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.23.28 +etch1_all.deb Debian Linux 5.0 armel Debian lintian_1.24.2.1+lenny1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.24.2. 1+lenny1_all.deb Debian Linux 4.0 m68k Debian lintian_1.23.28+etch1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.23.28 +etch1_all.deb Debian Linux 5.0 Debian lintian_1.24.2.1+lenny1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.24.2. 1+lenny1_all.deb Debian Linux 4.0 Debian lintian_1.23.28+etch1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.23.28 +etch1_all.deb Debian Linux 4.0 mipsel Debian lintian_1.23.28+etch1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.23.28 +etch1_all.deb Debian Linux 5.0 amd64 Debian lintian_1.24.2.1+lenny1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.24.2. 1+lenny1_all.deb Debian Linux 5.0 alpha Debian lintian_1.24.2.1+lenny1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.24.2. 1+lenny1_all.deb Debian Linux 5.0 ia-32 Debian lintian_1.24.2.1+lenny1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.24.2. 1+lenny1_all.deb Debian Linux 5.0 mips Debian lintian_1.24.2.1+lenny1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.24.2. 1+lenny1_all.deb Debian Linux 5.0 s/390 Debian lintian_1.24.2.1+lenny1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.24.2. 1+lenny1_all.deb Debian Linux 5.0 mipsel Debian lintian_1.24.2.1+lenny1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.24.2. 1+lenny1_all.deb Debian Linux 5.0 powerpc Debian lintian_1.24.2.1+lenny1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.24.2. 1+lenny1_all.deb Debian Linux 4.0 ia-64 Debian lintian_1.23.28+etch1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.23.28 +etch1_all.deb Debian Linux 4.0 mips Debian lintian_1.23.28+etch1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.23.28 +etch1_all.deb Debian Linux 5.0 sparc Debian lintian_1.24.2.1+lenny1_all.deb http://security.debian.org/pool/updates/main/l/lintian/lintian_1.24.2. 1+lenny1_all.deb

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有0条受影响产品信息

您还没有登录，登录后可查看更多

添加资源
收藏资源
问题反馈

贡献用户

暂无贡献用户

VULHUB ™