Family: Debian Local Security Checks --> Category: infos
[DSA676] DSA-676-1 xpcd Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Erik Sjölund discovered a buffer overflow in pcdsvgaview, an SVGA
PhotoCD viewer. xpcd-svga is part of xpcd and uses svgalib to display
graphics on the Linux console for which root permissions are required.
A malicious user could overflow a fixed-size buffer and may cause the
program to execute arbitrary code with elevated rights.
For the stable distribution (woody) this problem has been fixed in
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you upgrade your xpcd-svga package immediately.
Solution : http://www.debian.org/security/2005/dsa-676
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.