Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200601-14] LibAST: Privilege escalation Vulnerability Scan
Vulnerability Scan Summary
LibAST: Privilege escalation
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200601-14
(LibAST: Privilege escalation)
Michael Jennings discovered an exploitable buffer overflow in the
configuration engine of LibAST.
The vulnerability can be exploited to gain escalated rights if the
application using LibAST is setuid/setgid and passes a specifically
crafted filename to LibAST's configuration engine.
Identify all applications linking against LibAST and verify they are
All users should upgrade to the latest version and run revdep-rebuild:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-libs/libast-0.7"
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.