Debian Security Advisory DSA 325-1 (eldav) Network Vulnerability

Summary

The remote host is missing an update to eldav announced via advisory DSA 325-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20325-1

Insight

eldav, a WebDAV client for Emacs, creates temporary files without taking appropriate security precautions. This vulnerability could be exploited by a local user to create or overwrite files with the privileges of the user running emacs and eldav. For the stable distribution (woody) this problem has been fixed in version 0.0.20020411-1woody1. The old stable distribution (potato) does not contain an eldav package. For the unstable distribution (sid) this problem has been fixed in version 0.7.2-1. We recommend that you update your eldav package.

Severity

Classification

CVE CVE-2003-0438
CVSS Base Score: 1.2
AV:L/AC:H/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Debian Security Advisory DSA 1035-1 (fcheck)
Debian Security Advisory DSA 1296-1 (php4)
Debian Security Advisory DSA 285-1 (lprng)
Debian Security Advisory DSA 024-1 (cron)
Debian Security Advisory DSA 021-1 (apache)

Take action and discover your vulnerabilities