Debian Security Advisory DSA 615-1 (debmake) Network Vulnerability

Summary

The remote host is missing an update to debmake announced via advisory DSA 615-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20615-1

Insight

Javier Fernández-Sanguino Peña noticed that the debstd script from debmake, a deprecated helper package for Debian packaging, created temporary directories in an insecure manner. This can be exploited by a malicious user to overwrite arbitrary files owned by the victim. For the stable distribution (woody) this problem has been fixed in version 3.6.10.woody.1. For the unstable distribution (sid) this problem has been fixed in version 3.7.7. We recommend that you upgrade your debmake package.

Severity

Classification

CVE CVE-2004-1179
CVSS Base Score: 2.1
AV:L/AC:L/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Debian Security Advisory DSA 256-1 (mhc)
Debian Security Advisory DSA 021-1 (apache)
Debian Security Advisory DSA 1169-1 (mysql-dfsg-4.1)
Debian Security Advisory DSA 2821-1 (gnupg - side channel attack)
Debian Security Advisory DSA 1136-1 (gpdf)

Take action and discover your vulnerabilities