Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2009-4014

Multiple format string vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to have an unspecified impact via vectors involving (1) check scripts and (2) the Lintian::Schedule module.

Published

2010-02-02T16:30:02.327

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

6.4

Weaknesses

Type: Primary
CWE-134

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	debian	lintian	1.23.0	Yes
Application	debian	lintian	1.23.1	Yes
Application	debian	lintian	1.23.2	Yes
Application	debian	lintian	1.23.3	Yes
Application	debian	lintian	1.23.4	Yes
Application	debian	lintian	1.23.5	Yes
Application	debian	lintian	1.23.6	Yes
Application	debian	lintian	1.23.7	Yes
Application	debian	lintian	1.23.8	Yes
Application	debian	lintian	1.23.9	Yes
Application	debian	lintian	1.23.10	Yes
Application	debian	lintian	1.23.11	Yes
Application	debian	lintian	1.23.12	Yes
Application	debian	lintian	1.23.13	Yes
Application	debian	lintian	1.23.14	Yes
Application	debian	lintian	1.23.15	Yes
Application	debian	lintian	1.23.16	Yes
Application	debian	lintian	1.23.17	Yes
Application	debian	lintian	1.23.18	Yes
Application	debian	lintian	1.23.19	Yes
Application	debian	lintian	1.23.20	Yes
Application	debian	lintian	1.23.22	Yes
Application	debian	lintian	1.23.23	Yes
Application	debian	lintian	1.23.24	Yes
Application	debian	lintian	1.23.25	Yes
Application	debian	lintian	1.23.26	Yes
Application	debian	lintian	1.23.27	Yes
Application	debian	lintian	1.23.28	Yes
Application	debian	lintian	1.24.0	Yes
Application	debian	lintian	1.24.1	Yes
Application	debian	lintian	1.24.2	Yes
Application	debian	lintian	1.24.2.1	Yes
Application	debian	lintian	2.0-rc1	Yes
Application	debian	lintian	2.0-rc2	Yes
Application	debian	lintian	2.1.0	Yes
Application	debian	lintian	2.1.1	Yes
Application	debian	lintian	2.1.2	Yes
Application	debian	lintian	2.1.3	Yes
Application	debian	lintian	2.1.4	Yes
Application	debian	lintian	2.1.5	Yes
Application	debian	lintian	2.1.6	Yes
Application	debian	lintian	2.2.0	Yes
Application	debian	lintian	2.2.1	Yes
Application	debian	lintian	2.2.2	Yes
Application	debian	lintian	2.2.3	Yes
Application	debian	lintian	2.2.4	Yes
Application	debian	lintian	2.2.5	Yes
Application	debian	lintian	2.2.6	Yes
Application	debian	lintian	2.2.7	Yes
Application	debian	lintian	2.2.8	Yes
Application	debian	lintian	2.2.9	Yes
Application	debian	lintian	2.2.10	Yes
Application	debian	lintian	2.2.11	Yes
Application	debian	lintian	2.2.12	Yes
Application	debian	lintian	2.2.13	Yes
Application	debian	lintian	2.2.14	Yes
Application	debian	lintian	2.2.15	Yes
Application	debian	lintian	2.2.16	Yes
Application	debian	lintian	2.2.18	Yes
Application	debian	lintian	2.3.0	Yes
Application	debian	lintian	2.3.1	Yes

References

http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=c8d01f062b3e5137cf65196760b079a855c75e00 ([email protected])
http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=fbe0c92b2ef7e360d13414bf40d6af5507d0c86d ([email protected])
http://packages.debian.org/changelogs/pool/main/l/lintian/lintian_2.3.2/changelog ([email protected])
http://packages.qa.debian.org/l/lintian/news/20100128T015554Z.html ([email protected])
http://secunia.com/advisories/38375 Vendor Advisory ([email protected])
http://secunia.com/advisories/38379 Vendor Advisory ([email protected])
http://www.debian.org/security/2010/dsa-1979 Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/37975 Patch ([email protected])
http://www.ubuntu.com/usn/USN-891-1 ([email protected])
http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=c8d01f062b3e5137cf65196760b079a855c75e00 (af854a3a-2127-422b-91ae-364da2661108)
http://git.debian.org/?p=lintian/lintian.git%3Ba=commit%3Bh=fbe0c92b2ef7e360d13414bf40d6af5507d0c86d (af854a3a-2127-422b-91ae-364da2661108)
http://packages.debian.org/changelogs/pool/main/l/lintian/lintian_2.3.2/changelog (af854a3a-2127-422b-91ae-364da2661108)
http://packages.qa.debian.org/l/lintian/news/20100128T015554Z.html (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/38375 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/38379 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2010/dsa-1979 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/37975 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-891-1 (af854a3a-2127-422b-91ae-364da2661108)