Family: Debian Local Security Checks --> Category: infos
[DSA116] DSA-116-1 cfs Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Zorgon found several buffer overflows in cfsd, a daemon that pushes
encryption services into the Unix(tm) file system. We are not yet
sure if these overflows can successfully be exploited to gain root
access to the machine running the CFS daemon. However, since cfsd can
easily be forced to die, a malicious user can easily perform a denial
of service attack to it.
This problem has been fixed in version 1.3.3-8.1 for the stable Debian
distribution and in version 1.4.1-5 for the testing and unstable
distribution of Debian.
We recommend that you upgrade your cfs package immediately.
Solution : http://www.debian.org/security/2002/dsa-116
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.