|
Family: Debian Local Security Checks --> Category: infos
[DSA244] DSA-244-1 noffle Vulnerability Scan
Vulnerability Scan Summary DSA-244-1 noffle
Detailed Explanation for this Vulnerability Test
Dan Jacobson noticed a problem in noffle, an offline news server, that
leads to a segmentation fault. It is not yet clear whether this
problem is exploitable. However, if it is, a remote attacker could
trigger arbitrary code execution under the user that calls noffle,
probably news.
For the stable distribution (woody) this problem has been fixed in
version 1.0.1-1.1.
The old stable distribution (potato) does not contain a noffle
package.
For the unstable distribution (sid) this problem has been fixed in
version 1.1.2-1.
We recommend that you upgrade your noffle package.
Solution : http://www.debian.org/security/2003/dsa-244
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|