Debian Security Advisory DSA 2411-1 (mumble) Network Vulnerability

Summary

The remote host is missing an update to mumble announced via advisory DSA 2411-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202411-1

Insight

It was discovered that mumble, a VoIP client, does not probably manage permission on its user-specific configuration files, allowing other local users on the system to access them. For the stable distribution (squeeze), this problem has been fixed in version 1.2.2-6+squeeze1. For the testing distribution (wheezy) and the unstable distribution (sid), this problem has been fixed in version 1.2.3-3. We recommend that you upgrade your mumble packages.

Severity

Classification

CVE CVE-2012-0863

CVSS	Base Score: 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Debian Security Advisory DSA 2707-1 (dbus - denial of service)
Debian Security Advisory DSA 2497-1 (quagga)
Debian Security Advisory DSA 1202-1 (screen)
Debian Security Advisory DSA 043-1 (zope)
Debian Security Advisory DSA 2627-1 (nginx - information leak)

Take action and discover your vulnerabilities