Very funny...
Affected Packages:
cfingerd
Vulnerable:
Yes
More information:
Colin Phipps and Daniel Kobras discovered and fixed several serious
bugs in the saft daemon `sendfiled' which
caused it to drop privileges incorrectly. Exploiting this a local
user can easily make it execute arbitrary code
under root privileges. We recommend you upgrade your sendfile
packages immediately.
Fixed in:
Debian GNU/Linux 2.2 (`potato')
Source:
[8]http://security.debian.org/dists/stable/updates/main/source/cfingerd_1.4.1-1.1.diff.gz
[9]http://security.debian.org/dists/stable/updates/main/source/cfingerd_1.4.1-1.1.dsc
[10]http://security.debian.org/dists/stable/updates/main/source/cfingerd_1.4.1.orig.tar.gz
Regards,
Joey
--
It's practically impossible to look at a penguin and feel angry.
