Family: Debian Local Security Checks --> Category: infos
[DSA664] DSA-664-1 cpio Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
It has been discovered, that cpio, a program to manage archives of
files, creates output files with -O and -F with broken permissions due
to a reset zero umask which allows local users to read or overwrite
For the stable distribution (woody) this problem has been fixed in
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you upgrade your cpio package.
Solution : http://www.debian.org/security/2005/dsa-664
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.