|
|
Family: Debian Local Security Checks --> Category: infos
[DSA839] DSA-839-1 apachetop Vulnerability Scan
Vulnerability Scan Summary
DSA-839-1 apachetop
Detailed Explanation for this Vulnerability Test
Eric Romang discovered an insecurely created temporary file in
apachetop, a realtime monitoring tool for the Apache webserver that
could be exploited with a symlink attack to overwrite arbitrary files
with the user id that runs apachetop.
The old stable distribution (woody) is not affected by this problem.
For the stable distribution (sarge) this problem has been fixed in
version 0.12.5-1sarge1.
For the unstable distribution (sid) this problem has been fixed in
version 0.12.5-5.
We recommend that you upgrade your apachetop package.
Solution : http://www.debian.org/security/2005/dsa-839
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
