Family: Debian Local Security Checks --> Category: infos
[DSA521] DSA-521-1 sup Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
firstname.lastname@example.org discovered a format string vulnerability in
sup, a set of programs to synchronize collections of files across a
number of machines, whereby a remote attacker could potentially cause
arbitrary code to be executed with the rights of the supfilesrv
process (this process does not run automatically by default).
CVE-2004-0451: format string vulnerabilities in sup via syslog(3) in
logquit, logerr, loginfo functions
For the current stable distribution (woody), this problem has been
fixed in version 1.8-8woody2.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you update your sup package.
Solution : http://www.debian.org/security/2004/dsa-521
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.