|
Family: Debian Local Security Checks --> Category: infos
[DSA675] DSA-675-1 hztty Vulnerability Scan
Vulnerability Scan Summary DSA-675-1 hztty
Detailed Explanation for this Vulnerability Test
Erik Sjölund discovered that hztty, a converter for GB, Big5 and zW/HZ
Chinese encodings in a tty session, can be triggered to execute
arbitrary commands with group utmp rights.
For the stable distribution (woody) this problem has been fixed in
version 2.0-5.2woody2.
For the unstable distribution (sid) this problem has been fixed in
version 2.0-6.1.
We recommend that you upgrade your hztty package.
Solution : http://www.debian.org/security/2005/dsa-675
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|