|
Family: Debian Local Security Checks --> Category: infos
[DSA658] DSA-658-1 libdbi-perl Vulnerability Scan
Vulnerability Scan Summary DSA-658-1 libdbi-perl
Detailed Explanation for this Vulnerability Test
Javier Fernández-Sanguino Peña from the Debian Security Audit Project
discovered that the DBI library, the Perl5 database interface, creates
a temporary PID file in an insecure manner. This can be exploited by a
malicious user to overwrite arbitrary files owned by the person
executing the parts of the library.
For the stable distribution (woody) this problem has been fixed in
version 1.21-2woody2.
For the unstable distribution (sid) this problem has been fixed in
version 1.46-6.
We recommend that you upgrade your libdbi-perl package.
Solution : http://www.debian.org/security/2005/dsa-658
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|