Test ID:	1.3.6.1.4.1.25623.1.0.60617
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-1527-1)
Summary:	The remote host is missing an update for the Debian 'debian-goodies' package(s) announced via the DSA-1527-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'debian-goodies' package(s) announced via the DSA-1527-1 advisory. Vulnerability Insight: Thomas de Grenier de Latour discovered that the checkrestart tool in the debian-goodies suite of utilities, allowed local users to gain privileges via shell metacharacters in the name of the executable file for a running process. For the old stable distribution (sarge), this problem has been fixed in version 0.24+sarge1. For the stable distribution (etch), this problem has been fixed in version 0.27+etch1. For the unstable distribution (sid), this problem has been fixed in version 0.34. We recommend that you upgrade your debian-goodies package. Affected Software/OS: 'debian-goodies' package(s) on Debian 3.1, Debian 4. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3912 BugTraq ID: 25569 http://www.securityfocus.com/bid/25569 Debian Security Information: DSA-1527 (Google Search) http://www.debian.org/security/2008/dsa-1527 http://osvdb.org/40483 http://secunia.com/advisories/26675 http://secunia.com/advisories/27079 http://www.ubuntu.com/usn/usn-526-1 XForce ISS Database: debian-checkrestart-privilege-escalation(36475) https://exchange.xforce.ibmcloud.com/vulnerabilities/36475
Copyright	Copyright (C) 2008 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.