Debian Security Advisory DSA 1086-1 (xmcd) Network Vulnerability

Summary

The remote host is missing an update to xmcd announced via advisory DSA 1086-1. The xmcdconfig creates directories world-writeable allowing local users to fill the /usr and /var partition and hence cause a denial of service. This problem has been half-fixed since version 2.3-1. For the old stable distribution (woody) this problem has been fixed in version 2.6-14woody1.

Solution

For the stable distribution (sarge) this problem has been fixed in version 2.6-17sarge1. For the unstable distribution (sid) this problem has been fixed in version 2.6-18. We recommend that you upgrade your xmcd package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201086-1

Severity

Classification

CVE CVE-2006-2542

CVSS	Base Score: 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 2625-1 (wireshark - several vulnerabilities)
Debian Security Advisory DSA 046-1 (exuberant-ctags)
Debian Security Advisory DSA 2627-1 (nginx - information leak)
Debian Security Advisory DSA 1837-1 (dbus)
Debian Security Advisory DSA 124-1 (mtr)

Take action and discover your vulnerabilities