Re: [SECURITY] new version isdnutils fixes exploitable xmonisdn

[fw () S NETIC DE (Florian Weimer)]

Aleph One <aleph1 () UNDERGROUND ORG> writes:

> We have received reports that the version of xmonisdn as distributed
> in the isndutils package from Debian GNU/Linux 2.1 has a security
> problem.

Note that other Linux distributions may be affected as well.
The makefile that comes with the (rather outdated) isdn4kutils betas
and that was in the isdn4linux CVS tree installed xmonisdn setuid root,
too (until Paul Slootman committed a fix at the beginning of August).