CVE-2013-6888

Name of the Vulnerable Software and Affected Versions devscripts versions prior to 2.13.9

Description The issue concerns multiple vulnerabilities in the devscripts package of the Debian GNU/Linux operating system, which can be exploited remotely to compromise the confidentiality, integrity, and availability of protected information. Specifically, the uscan function in devscripts allows remote attackers to execute arbitrary code via a crafted tarball.

Recommendations For devscripts versions prior to 2.13.9, update to version 2.13.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the uscan function to minimize the risk of exploitation.