#VU45471 Link following in dpkg - CVE-2011-0402

Cybersecurity Help s.r.o.

Published: 2011-01-11 | Updated: 2022-12-19

Vulnerability identifier: #VU45471

Vulnerability risk: Medium

CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2011-0402

CWE-ID: CWE-59

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
dpkg
Other software / Other software solutions

Vendor: Debian Package Manager

Description

The vulnerability allows a remote attacker to overwrite arbitrary files on the system.

dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via a symlink attack on unspecified files in the .pc directory.

Mitigation
Install update from vendor's website.

Vulnerable software versions

dpkg: 1.9.19 - 1.9.21, 1.10 - 1.15.8.8

External links
https://lists.fedoraproject.org/pipermail/package-announce/2011-January/053306.html
https://lists.fedoraproject.org/pipermail/package-announce/2011-January/053311.html
https://osvdb.org/70367
https://secunia.com/advisories/42826
https://secunia.com/advisories/42831
https://secunia.com/advisories/43054
https://www.debian.org/security/2011/dsa-2142
https://www.securityfocus.com/bid/45703
https://www.ubuntu.com/usn/USN-1038-1
https://www.vupen.com/english/advisories/2011/0040
https://www.vupen.com/english/advisories/2011/0044
https://www.vupen.com/english/advisories/2011/0196
https://exchange.xforce.ibmcloud.com/vulnerabilities/64614

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in dpkg