The remote host is missing an update to snmptrapfmt announced via advisory DSA 1013-1. Will Aoki discovered that snmptrapfmt, a configurable snmp trap handler daemon for snmpd, does not prevent overwriting existing files when writing to a temporary log file. For the old stable distribution (woody) this problem has been fixed in version 1.03woody1.
For the stable distribution (sarge) this problem has been fixed in version 1.08sarge1. For the unstable distribution (sid) this problem has been fixed in version 1.10-1. We recommend that you upgrade your snmptrapfmt package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201013-1
- Debian Security Advisory DSA 2879-1 (libssh - security update)
- Debian Security Advisory DSA 2821-1 (gnupg - side channel attack)
- Debian Security Advisory DSA 1492-1 (wml)
- Debian Security Advisory DSA 2649-1 (lighttpd - fixed socket name in world-writable directory)
- Debian Security Advisory DSA 2661-1 (xorg-server - information disclosure)