|
Family: Debian Local Security Checks --> Category: infos
[DSA460] DSA-460-1 sysstat Vulnerability Scan
Vulnerability Scan Summary DSA-460-1 sysstat
Detailed Explanation for this Vulnerability Test
Alan Cox discovered that the isag utility (which graphically displays
data collected by the sysstat tools), creates a temporary file without
taking proper precautions. This vulnerability could allow a local
attacker to overwrite files with the rights of the user invoking
isag.
For the current stable distribution (woody) this problem has been
fixed in version 5.0.1-1.
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you update your sysstat package.
Solution : http://www.debian.org/security/2004/dsa-460
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|