|
Family: Debian Local Security Checks --> Category: infos
[DSA107] DSA-107-1 jgroff Vulnerability Scan
Vulnerability Scan Summary DSA-107-1 jgroff
Detailed Explanation for this Vulnerability Test
Basically, this is the same Security Advisory as
href="$(HOME)/security/2001/dsa-072">DSA 072-1, but for
jgroff instead of groff. The package jgroff contains a version
derived from groff that has Japanese character sets enabled. This
package is available only in the stable release of Debian, patches for
Japanese support have been merged into the main groff package.
The old advisory said:
Zenith Parse found a security problem in groff (the GNU version of
troff). The pic command was vulnerable to a printf format attack
which made it possible to circumvent the `-S' option and execute
arbitrary code.
Solution : http://www.debian.org/security/2002/dsa-107
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|