Fedora Core 12 FEDORA-2009-13196 (merkaartor) Network Vulnerability

Summary

The remote host is missing an update to merkaartor announced via advisory FEDORA-2009-13196.

Solution

Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update merkaartor' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-13196

Insight

Update Information: This update fixes a possible symlink attack on the debug log merkaartor.log by no longer writing it out by default. ChangeLog: * Thu Dec 10 2009 Sven Lankes - 0.14-2 - Write log to /dev/null unless specified (bz# 544284)

References

https://bugzilla.redhat.com/show_bug.cgi?id=544284

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4193

CVSS	Base Score: 3.3 AV:L/AC:M/Au:N/C:N/I:P/A:P

Related Vulnerabilities

Fedora Update for emesene FEDORA-2010-9692
Fedora Update for ansible FEDORA-2014-5407
Fedora Update for ansible FEDORA-2014-5375
Fedora Update for cgit FEDORA-2011-9589
Fedora Update for gnash FEDORA-2011-3658

Take action and discover your vulnerabilities