Test Kennung:	1.3.6.1.4.1.25623.1.0.120579
Kategorie:	Amazon Linux Local Security Checks
Titel:	Amazon Linux: Security Advisory (ALAS-2014-370)
Zusammenfassung:	The remote host is missing an update for the 'chkrootkit' package(s) announced via the ALAS-2014-370 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'chkrootkit' package(s) announced via the ALAS-2014-370 advisory. Vulnerability Insight: A quoting issue was found in chkrootkit which would lead to a file in /tmp/ being executed, if /tmp/ was mounted without the noexec option. chkrootkit is typically run as the root user. A local attacker could use this flaw to escalate their privileges. Affected Software/OS: 'chkrootkit' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 3.7 CVSS Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0476 Debian Security Information: DSA-2945 (Google Search) http://www.debian.org/security/2014/dsa-2945 https://www.exploit-db.com/exploits/38775/ https://security.gentoo.org/glsa/201709-05 http://packetstormsecurity.com/files/134484/Chkrootkit-Local-Privilege-Escalation.html http://www.openwall.com/lists/oss-security/2014/06/04/9 http://osvdb.org/show/osvdb/107710 http://www.ubuntu.com/usn/USN-2230-1
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.