Summary
The remote host is missing an update to htmlheadline announced via advisory DSA 622-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20622-1
Insight
Javier Fernández-Sanguino Peña has discovered multiple insecure uses of temporary files that could lead to overwriting arbitrary files via a symlink attack.
For the stable distribution (woody) these problems have been fixed in version 21.8-3.
The unstable distribution (sid) does not contain this package.
We recommend that you upgrade your htmlheadline package.
Severity
Classification
-
CVE CVE-2004-1181 -
CVSS Base Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities