Family: Debian Local Security Checks --> Category: infos
[DSA895] DSA-895-1 uim Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Masanari Yamamoto discovered incorrect use of environment variables in
uim, a flexible input method collection and library, that could lead
to escalated rights in setuid/setgid applications linked to
libuim. Affected in Debian is at least mlterm.
The old stable distribution (woody) does not contain uim packages.
For the stable distribution (sarge) this problem has been fixed in
For the unstable distribution (sid) this problem has been fixed in
We recommend that you upgrade your libuim packages.
Solution : http://www.debian.org/security/2005/dsa-895
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.