|
Family: Debian Local Security Checks --> Category: infos
[DSA952] DSA-952-1 libapache-auth-ldap Vulnerability Scan
Vulnerability Scan Summary DSA-952-1 libapache-auth-ldap
Detailed Explanation for this Vulnerability Test
"Seregorn" discovered a format string vulnerability in the logging
function of libapache-auth-ldap, an LDAP authentication module for the
Apache webserver, that can lead to the execution of arbitrary code.
For the old stable distribution (woody) this problem has been fixed in
version 1.6.0-3.1.
For the stable distribution (sarge) this problem has been fixed in
version 1.6.0-8.1
The unstable distribution (sid) does no longer contain libapache-auth-ldap.
We recommend that you upgrade your libapache-auth-ldap package.
Solution : http://www.debian.org/security/2006/dsa-952
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|