|Category:||Debian Local Security Checks|
|Title:||Debian Security Advisory DSA 661-2 (f2c)|
|Summary:||Debian Security Advisory DSA 661-2 (f2c)|
The remote host is missing an update to f2c
announced via advisory DSA 661-2.
Dan McMahill noticed that our our advisory DSA 661-1 did not correct
the multiple insecure files problem, hence, this update. For
completeness below is the original advisory text:
Javier Fernández-Sanguino Peña from the Debian Security Audit project
discovered that f2c and fc, which are both part of the f2c package, a
fortran 77 to C/C++ translator, open temporary files insecurely and
are hence vulnerable to a symlink attack. The Common
Vulnerabilities and Exposures project identifies the following
Multiple insecure temporary files in the f2c translator.
For the stable distribution (woody) and all others including testing
this problem has been fixed in version 20010821-3.2.
We recommend that you upgrade your f2c package.
BugTraq ID: 12380|
Common Vulnerability Exposure (CVE) ID: CVE-2005-0017
Debian Security Information: DSA-661 (Google Search)
|Copyright||Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com|
|This is only one of 54385 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.