NuytsTech Security

CVE-2013-7050

by ·

The get_main_source_dir function in scripts/uscan.pl in devscripts before 2.13.8, when using USCAN_EXCLUSION, allows remote attackers to execute arbitrary commands via shell metacharacters in a directory name.

Date published : 2013-12-13

http://www.securityfocus.com/bid/64241

http://anonscm.debian.org/gitweb/?p=collab-maint/devscripts.git;a=commitdiff;h=91f05b5

Tags: