Oval Definition:oval:org.mitre.oval:def:18519
Revision Date:2014-06-23Version:7
Title:DSA-2481-1 arpwatch - fails to drop supplementary groups
Description:Steve Grubb from Red Hat discovered that a patch for arpwatch (as shipped at least in Red Hat and Debian distributions) in order to make it drop root privileges would fail to do so and instead add the root group to the list of the daemon uses.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2012-2653
DSA-2481-1
Platform(s):Debian GNU/kFreeBSD 6.0
Debian GNU/Linux 6.0
Product(s):arpwatch
Definition Synopsis
  • Debian 6.0 is installed
  • AND GNU/Linux or GNU/kFreeBSD kernel
  • Debian GNU/Linux is installed
  • OR Debian GNU/kFreeBSD is installed
  • AND arpwatch DPKG is earlier than 2.1a15-1.1+squeeze1
  • BACK