PT-2010-1023 · Debian · Lintian

Raphael Geissert · Published 2010-02-02 · Updated 2024-01-26 · CVE-2009-4013

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Lintian versions 1.23.x through 1.23.28
Lintian versions 1.24.x through 1.24.2.1
Lintian versions 2.x before 2.3.2

Description

Multiple directory traversal vulnerabilities allow remote attackers to overwrite arbitrary files or obtain sensitive information via vectors involving control field names, control field values, and control files of patch systems. The exploitation of these vulnerabilities can lead to a breach of confidentiality, integrity, and availability of protected information.

Recommendations

For versions 1.23.x through 1.23.28, update to a version after 1.23.28 to resolve the issue.
For versions 1.24.x through 1.24.2.1, update to a version after 1.24.2.1 to resolve the issue.
For versions 2.x before 2.3.2, update to version 2.3.2 or later to resolve the issue.
As a temporary workaround, consider restricting access to control field names, control field values, and control files of patch systems to minimize the risk of exploitation.

Fix

Path traversal

Weakness Enumeration

Related Identifiers

BDU:2015-02904
CVE-2009-4013
DSA-1979-1

Affected Products

Lintian