|
Family: Debian Local Security Checks --> Category: infos
[DSA681] DSA-681-1 synaesthesia Vulnerability Scan
Vulnerability Scan Summary DSA-681-1 synaesthesia
Detailed Explanation for this Vulnerability Test
Erik Sjölund and Devin Carraway discovered that synaesthesia, a
program for representing sounds visually, accesses user-controlled
configuration and mixer files with elevated rights. Thus, it is
possible to read arbitrary files.
For the stable distribution (woody) this problem has been fixed in
version 2.1-2.1woody3.
For the testing (sarge) and unstable (sid) distribution this problem
does not exist since synaesthesia is not installed setuid root
anymore.
We recommend that you upgrade your synaesthesia package.
Solution : http://www.debian.org/security/2005/dsa-681
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|