Debian Security Advisory DSA 2411-1 (mumble) Network Vulnerability

Summary

The remote host is missing an update to mumble announced via advisory DSA 2411-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202411-1

Insight

It was discovered that mumble, a VoIP client, does not probably manage permission on its user-specific configuration files, allowing other local users on the system to access them. For the stable distribution (squeeze), this problem has been fixed in version 1.2.2-6+squeeze1. For the testing distribution (wheezy) and the unstable distribution (sid), this problem has been fixed in version 1.2.3-3. We recommend that you upgrade your mumble packages.

Severity

Classification

CVE CVE-2012-0863
CVSS Base Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Debian Security Advisory DSA 1035-1 (fcheck)
Debian Security Advisory DSA 124-1 (mtr)
Debian Security Advisory DSA 198-1 (nullmailer)
Debian Security Advisory DSA 1501-1 (dspam)
Debian Security Advisory DSA 1013-1 (snmptrapfmt)

Take action and discover your vulnerabilities