|
Family: Debian Local Security Checks --> Category: infos
[DSA557] DSA-557-1 rp-pppoe Vulnerability Scan
Vulnerability Scan Summary DSA-557-1 rp-pppoe
Detailed Explanation for this Vulnerability Test
Max Vozeler discovered a vulnerability in pppoe, the PPP over Ethernet
driver from Roaring Penguin. When the program is running setuid root
(which is not the case in a default Debian installation), a possible hacker
could overwrite any file on the file system.
For the stable distribution (woody) this problem has been fixed in
version 3.3-1.2.
For the unstable distribution (sid) this problem has been fixed in
version 3.5-4.
We recommend that you upgrade your pppoe package.
Solution : http://www.debian.org/security/2004/dsa-557
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|