Detections
Analytics

Debian DSA-037-1 : Athena Widget replacement libraries - insecure tempfile handling

high Nessus Plugin ID 14874

Synopsis

The remote Debian host is missing a security-related update.

Description

It has been reported that the AsciiSrc and MultiSrc widget in the Athena widget library handle temporary files insecurely. Joey Hess has ported the bugfix from XFree86 to these Xaw replacements libraries.
The fixes are available in nextaw 0.5.1-34potato1, xaw3d 1.3-6.9potato1, and xaw95 1.1-4.6potato1.

Solution

Upgrade the affected nextaw, xaw3d, and xaw95 packages.

See Also

http://www.debian.org/security/2001/dsa-037

Plugin Details

Severity: High

ID: 14874

File Name: debian_DSA-037.nasl

Version: 1.16

Type: local

Agent: unix

Published: 9/29/2004

Updated: 1/4/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:nextaw, p-cpe:/a:debian:debian_linux:xaw3d, p-cpe:/a:debian:debian_linux:xaw95, cpe:/o:debian:debian_linux:2.2

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Patch Publication Date: 3/7/2001

Reference Information

DSA: 037