Ubuntu Update For Dpkg Vulnerability USN-1038-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1038-1

Solution

Please Install the Updated Packages.

Insight

Jakub Wilk and Rapha&#235 l Hertzog discovered that dpkg-source did not correctly handle certain paths and symlinks when unpacking source-format version 3.0 packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service or potentially gaining access to the system.

Affected

dpkg vulnerability on Ubuntu 9.10 , Ubuntu 10.04 LTS , Ubuntu 10.10

Severity

Classification

CVE CVE-2010-1679

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for cups, cupsys vulnerabilities USN-952-1
Ubuntu Update for bzip2 vulnerability USN-986-1
Ubuntu Update for cupsys vulnerability USN-606-1
Ubuntu Update for apport USN-1668-1
Ubuntu Update for apache2 USN-2152-1

Ubuntu Update for dpkg vulnerability USN-1038-1

Take action and discover your vulnerabilities