|
|
Family: Debian Local Security Checks --> Category: infos
[DSA1170] DSA-1170-1 gcc-3.4 Vulnerability Scan
Vulnerability Scan Summary
DSA-1170-1 gcc-3.4
Detailed Explanation for this Vulnerability Test
Jürgen Weigert discovered that upon unpacking JAR archives fastjar
from the GNU Compiler Collection does not check the path for included
files and allows to create or overwrite files in upper directories.
For the stable distribution (sarge) this problem has been fixed in
version 3.4.3-13sarge1.
For the unstable distribution (sid) this problem has been fixed in
version 4.1.1-11.
We recommend that you upgrade your fastjar package.
Solution : http://www.debian.org/security/2006/dsa-1170
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
