Test ID:	1.3.6.1.4.1.25623.1.0.60652
Category:	Debian Local Security Checks
Title:	Debian Security Advisory DSA 1531-1 (policyd-weight)
Summary:	The remote host is missing an update to policyd-weight announced via advisory DSA 1531-1.;; This VT has been deprecated and merged into the VT 'Debian: Security Advisory (DSA-1531)' (OID: 1.3.6.1.4.1.25623.1.0.60656).
Description:	Summary: The remote host is missing an update to policyd-weight announced via advisory DSA 1531-1. This VT has been deprecated and merged into the VT 'Debian: Security Advisory (DSA-1531)' (OID: 1.3.6.1.4.1.25623.1.0.60656). Vulnerability Insight: Chris Howells discovered that policyd-weight, a policy daemon for the Postfix mail transport agent, created its socket in an insecure way, which may be exploited to overwrite or remove arbitrary files from the local system. For the stable distribution (etch), this problem has been fixed in version 0.1.14-beta-6etch1. The old stable distribution (sarge) does not contain a policyd-weight package. For the unstable distribution (sid), this problem will be fixed soon. Solution: We recommend that you upgrade your policyd-weight package. CVSS Score: 3.3 CVSS Vector: AV:L/AC:M/Au:N/C:N/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1569 BugTraq ID: 28480 http://www.securityfocus.com/bid/28480 Debian Security Information: DSA-1531 (Google Search) http://www.debian.org/security/2008/dsa-1531 http://security.gentoo.org/glsa/glsa-200804-11.xml http://www.osvdb.org/43888 http://secunia.com/advisories/29553 http://secunia.com/advisories/29738 XForce ISS Database: policydweight-sockets-symlink(41565) https://exchange.xforce.ibmcloud.com/vulnerabilities/41565
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.