Debian Security Advisory DSA 050-1 (sendfile) Network Vulnerability

Summary

The remote host is missing an update to sendfile announced via advisory DSA 050-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20050-1

Insight

Colin Phipps and Daniel Kobras discovered and fixed several serious bugs in the saft daemon `sendfiled' which caused it to drop privileges incorrectly. Exploiting this a local user can easily make it execute arbitrary code under root privileges. We recommend you upgrade your sendfile packages immediately.

Severity

Classification

CVE CVE-2001-0623
CVSS Base Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1115-1 (gnupg2)
Debian Security Advisory DSA 1151-1 (heartbeat)
Debian Security Advisory DSA 1143-1 (dhcp)
Debian Security Advisory DSA 084-1 (gftp)
Debian Security Advisory DSA 1050-1 (clamav)

Take action and discover your vulnerabilities