|
Family: Ubuntu Local Security Checks --> Category: infos
USN43-1 : groff vulnerabilities Vulnerability Scan
Vulnerability Scan Summary groff vulnerabilities
Detailed Explanation for this Vulnerability Test
Synopsis :
These remote packages are missing security patches :
- groff
- groff-base
Description :
Javier Fernández-Sanguino Peña discovered that the auxiliary scripts
"eqn2graph" and "pic2graph" created temporary files in an insecure
way, which allowed exploitation of a race condition to create or
overwrite files with the rights of the user invoking the program.
Solution :
Upgrade to :
- groff-1.18.1.1-1ubuntu0.2 (Ubuntu 4.10)
- groff-base-1.18.1.1-1ubuntu0.2 (Ubuntu 4.10)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|