|
Family: Debian Local Security Checks --> Category: infos
[DSA326] DSA-326-1 orville-write Vulnerability Scan
Vulnerability Scan Summary DSA-326-1 orville-write
Detailed Explanation for this Vulnerability Test
Orville Write, a replacement for the standard write(1) command,
contains a number of buffer overflows. These could be exploited to
gain either gid tty or root rights, depending on the configuration
selected when the package is installed.
For the stable distribution (woody) this problem has been fixed in
version 2.53-4woody1.
The old stable distribution (potato) does not contain an orville-write
package.
For the unstable distribution (sid) this problem will be fixed soon.
See Debian bug report #170747.
We recommend that you update your orville-write package.
Solution : http://www.debian.org/security/2003/dsa-326
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|