|
Family: Debian Local Security Checks --> Category: infos
[DSA078] DSA-078-1 slrn Vulnerability Scan
Vulnerability Scan Summary DSA-078-1 slrn
Detailed Explanation for this Vulnerability Test
Byrial Jensen found a nasty problem in slrn (a threaded news reader).
The notice on slrn-announce describes it as follows:
When trying to decode binaries, the built-in code executes any shell
scripts the article might contain, apparently assuming they would be
some kind of self-extracting archive.
This problem has been fixed in version 0.9.6.2-9potato2 by removing
this feature.
Solution : http://www.debian.org/security/2001/dsa-078
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|