4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
βbazarrβ discovered that eterm is vulnerable to a buffer overflow of
the ETERMPATH environment variable. This bug can be exploited to gain
the privileges of the group βutmpβ on a system where eterm is
installed.
For the stable distribution (woody), this problem has been fixed in
version 0.9.2-0pre2002042903.1.
The old stable distribution (potato) is not affected by this bug.
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you update your eterm package.