Article Source Ubuntu Security Notices
October 9, 2009, 7:32 am
October 9, 2009, 7:32 am
This update provides the corresponding updates for Ubuntu 6.06 LTS.
Original advisory details: Raphael Geissert discovered that uscan, a part of devscripts, did not properly sanitize its input when processing pathnames. If uscan processed a crafted filename for a file on a remote server, an attacker could execute arbitrary code with the privileges of the user invoking the program…