SynopsisThe remote Debian host is missing a security-related update.
DescriptionIt was discovered that a buffer overflow of the library for secure RPC communication over the rpcsec_gss protocol allows the execution of arbitrary code.
The oldstable distribution (sarge) doesn't contain librpcsecgss.
SolutionUpgrade the librpcsecgss packages.
For the stable distribution (etch) this problem has been fixed in version 0.14-2etch1.