Debian Security Advisory DSA 1668-1 (hf) Network Vulnerability

Summary

The remote host is missing an update to hf announced via advisory DSA 1668-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201668-1

Insight

Steve Kemp discovered that hf, an amateur-radio protocol suite using a soundcard as a modem, insecurely tried to execute an external command which could lead to the elevation of privileges for local users. For the stable distribution (etch), this problem has been fixed in version 0.7.3-4etch1. For the unstable distribution (sid), this problem has been fixed in version 0.8-8.1. We recommend that you upgrade your hf package.

Severity

Classification

CVE CVE-2008-2378

CVSS	Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 072-1 (groff)
Debian Security Advisory DSA 1033-1 (horde3)
Debian Security Advisory DSA 031-1 (sudo)
Debian Security Advisory DSA 108-1 (wmtv)
Debian Security Advisory DSA 1030-1 (moodle)

Take action and discover your vulnerabilities