CVE-2006-1376

Properties

Published:
22.03.2006
Updated:
26.02.2008
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:L/AC:L/Au:N/C:N/I:N/A:P)
    Product:
    Debian: Debian Linux

    Vulnerability description

    The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service (disk consumption).

    References:

    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=358210: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=358210
    SECUNIA: http://secunia.com/advisories/19331
    XF: http://xforce.iss.net/xforce/xfdb/25526