Synopsis :

The remote Debian host is missing a security-related update.

Description :

Ludwig Nussel discovered a problem in webmin, a web-based
administration toolkit. A temporary directory was used but without
checking for the previous owner. This could allow an attacker to
create the directory and place dangerous symbolic links inside.

See also :

http://www.debian.org/security/2004/dsa-544

Solution :

Upgrade the webmin packages.

For the stable distribution (woody) this problem has been fixed in
version 0.94-7woody3.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)