Vulnerability : format string attack
Problem-Type : local
Debian-specific: no
CVE ID : CVE-2006-0083
Ulf Harnhammar from the Debian Security Audit project discovered a
format string attack in the logging code of smstools, which may be
exploited to execute arbitary code with root privileges.
The old stable distribution (woody) does not contain smstools package.
For the stable distribution (sarge) this problem has been fixed in
version 1.14.8-1sarge0.
For the unstable distribution the package will be updated shortly.