|Category:||Ubuntu Local Security Checks|
|Title:||Ubuntu 4.10 USN-49-1 (debmake)|
|Summary:||Ubuntu 4.10 USN-49-1 (debmake)|
The remote host is missing an update to debmake
announced via advisory USN-49-1.
Javier Fernandez-Sanguino Pena noticed that the debstd script from
debmake, a deprecated helper package for Debian packaging, created
temporary directories in an insecure manner. This could allow a
symlink attack to create or overwrite arbitrary files with the
privileges of the user invoking the program.
The following packages are affected: debmake
The problem can be corrected by upgrading the affected package to
version 3.7.4ubuntu0.1. In general, a standard system upgrade is
sufficient to effect the necessary changes.
Risk factor : Medium
BugTraq ID: 12078|
Common Vulnerability Exposure (CVE) ID: CVE-2004-1179
Debian Security Information: DSA-615 (Google Search)
XForce ISS Database: debmake-debstd-symlink(18646)
|Copyright||Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com|
|This is only one of 58880 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.