ID de Prueba:	1.3.6.1.4.1.25623.1.0.120579
Categoría:	Amazon Linux Local Security Checks
Título:	Amazon Linux: Security Advisory (ALAS-2014-370)
Resumen:	The remote host is missing an update for the 'chkrootkit' package(s) announced via the ALAS-2014-370 advisory.
Descripción:	Summary: The remote host is missing an update for the 'chkrootkit' package(s) announced via the ALAS-2014-370 advisory. Vulnerability Insight: A quoting issue was found in chkrootkit which would lead to a file in /tmp/ being executed, if /tmp/ was mounted without the noexec option. chkrootkit is typically run as the root user. A local attacker could use this flaw to escalate their privileges. Affected Software/OS: 'chkrootkit' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 3.7 CVSS Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0476 Debian Security Information: DSA-2945 (Google Search) http://www.debian.org/security/2014/dsa-2945 https://www.exploit-db.com/exploits/38775/ https://security.gentoo.org/glsa/201709-05 http://packetstormsecurity.com/files/134484/Chkrootkit-Local-Privilege-Escalation.html http://www.openwall.com/lists/oss-security/2014/06/04/9 http://osvdb.org/show/osvdb/107710 http://www.ubuntu.com/usn/USN-2230-1
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.