Family: Debian Local Security Checks --> Category: infos
[DSA843] DSA-843-1 arc Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Two vulnerabilities have been discovered in the ARC archive program
under Unix. The Common Vulnerabilities and Exposures project
identifies the following problems:
Eric Romang discovered that the ARC archive program under Unix
creates a temporary file with insecure permissions which may lead
to a possible hacker stealing sensitive information.
Joey Schulze discovered that the temporary file was created in an
insecure fashion as well, leaving it open to a classic symlink
The old stable distribution (woody) does not contain arc packages.
For the stable distribution (sarge) these problems have been fixed in
For the unstable distribution (sid) these problems have been fixed in
We recommend that you upgrade your arc package.
Solution : http://www.debian.org/security/2005/dsa-843
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.