PT-2009-1032 · Debian+1 · Debian+1

James Stone

Published

2009-04-09

Updated

2009-04-16

CVE-2009-1254

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Tunapie version 2.1 Tunapie (affected versions not specified) in Debian GNU/Linux

Description The issue allows remote attackers to execute arbitrary commands via shell metacharacters in a stream URL. Multiple vulnerabilities in the Tunapie package of the Debian GNU/Linux operating system can be exploited remotely, potentially leading to breaches of confidentiality, integrity, and availability of protected information.

Recommendations For Tunapie version 2.1, update to a version that fixes the issue with shell metacharacters in stream URLs. For Tunapie in Debian GNU/Linux, apply the necessary security updates to address the multiple vulnerabilities in the package. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Link Following

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-59

Related Identifiers

BDU:2015-03455

CVE-2009-1254

DSA-1764-1

Affected Products

Debian

Tunapie

PT-2009-1032 · Debian+1 · Debian+1

CVE-2009-1254

Weakness Enumeration

Related Identifiers

Affected Products

References · 12