Family: Debian Local Security Checks --> Category: infos
[DSA636] DSA-636-1 glibc Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Several insecure uses of temporary files have been discovered in
support scripts in the libc6 package which provides the c library for
a GNU/Linux system. Trustix developers found that the catchsegv
script uses temporary files insecurely. Openwall developers
discovered insecure temporary files in the glibcbug script. These
scripts are vulnerable to a symlink attack.
For the stable distribution (woody) these problems have been fixed in
For the unstable distribution (sid) these problems have been fixed in
We recommend that you upgrade your libc6 package.
Solution : http://www.debian.org/security/2005/dsa-636
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.