One year ago, we have received a report from SGI that a vulnerability
has been discovered in the seyon program which can lead to a root
compromise. Any user who can execute the seyon program can exploit
this vulnerability.
However, the license of Seyon doesn't permit us to provide a fix, now
is the Seyon author responsive, nor do we have a patch, nor do we know
an exploit and can't develop a fixe therefore.
We recommend you switch to minicom instead.
The maintainer of Seyon told us the following:
I notice from reading the SGI announcement that their problem is
a root exploit because of a setuid Seyon. The Seyon we ship is
not setuid, so I doubt we'll have a serious problem.
--
Debian GNU/Linux . Security Managers . [EMAIL PROTECTED]
[EMAIL PROTECTED]
Christian Hudon . Wichert Akkerman . Martin Schulze
<[EMAIL PROTECTED]> . <[EMAIL PROTECTED]> . <[EMAIL PROTECTED]>
PGP signature
