Debian Security Advisory DSA 050-1 (sendfile) Network Vulnerability

Summary

The remote host is missing an update to sendfile announced via advisory DSA 050-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20050-1

Insight

Colin Phipps and Daniel Kobras discovered and fixed several serious bugs in the saft daemon `sendfiled' which caused it to drop privileges incorrectly. Exploiting this a local user can easily make it execute arbitrary code under root privileges. We recommend you upgrade your sendfile packages immediately.

Severity

Classification

CVE CVE-2001-0623

CVSS	Base Score: 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1076-1 (lynx)
Debian Security Advisory DSA 001-1 (ed)
Debian Security Advisory DSA 1073-1 (mysql-dfsg-4.1)
Debian Security Advisory DSA 004-1 (nano)
Debian Security Advisory DSA 088-1 (fml)

Take action and discover your vulnerabilities