A critical path traversal vulnerability in the Pardus Software Center allows attackers to access unauthorized files, potentially leading to system compromise.

The application fails to properly limit pathnames to a restricted directory, allowing for directory traversal attacks that can be exploited by local or remote attackers.

The CVSS score of 9.6 indicates a high potential for impact, including unauthorized access to sensitive system files and configuration data. This could allow an attacker to gain elevated privileges or disrupt the functionality of the software center.

Immediate Action: Upgrade the Pardus Software Center to version 1.0.3 or later.

Proactive Monitoring: Monitor system logs for file access anomalies or attempts to access unexpected directories.

Compensating Controls: Enforce strict file system permissions to ensure the software center runs with the least privilege necessary.

Public Exploit Available: Unknown

This vulnerability should be addressed with high urgency. Users of the Pardus Software Center should verify their current version and update immediately to prevent unauthorized file access.