Summary
The remote host is missing an update to lintian
announced via advisory DSA 630-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20630-1
Insight
Jeroen van Wolffelaar discovered a problem in lintian, the Debian package checker. The program removes the working directory even if it wasn't created at program start, removing an unrelated file or directory a malicious user inserted via a symlink attack.
For the stable distribution (woody) this problem has been fixed in version 1.20.17.1.
For the unstable distribution (sid) this problem has been fixed in version 1.23.6.
We recommend that you upgrade your lintian package.
Severity
Classification
-
CVE CVE-2004-1000 -
CVSS Base Score: 2.1
AV:L/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities