Control: retitle -1 pktstat: CVE-2013-0350: writes content from TCP streams to public readable file /tmp/smtp.log
Hi On Fri, Feb 22, 2013 at 09:47:45PM +0100, Sven Hartge wrote: > Package: pktstat > Version: 1.8.5-2 > Severity: normal > Tags: security > > Hi! > > I noticed pktstat creates a file with a fixed name in /tmp and writes > debugging > info gathered from the sniffed TCP streams into it: > > redacted:/tmp# ls -al smtp.log > -rw-r--r-- 1 root root 236726 Feb 22 21:30 smtp.log On oss-sec list CVE-2013-0350 was assigned to this. Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
