|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200411-26] GIMPS, SETI@home, ChessBrain: Insecure installation Vulnerability Scan
Vulnerability Scan Summary GIMPS, SETI@home, ChessBrain: Insecure installation
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200411-26
(GIMPS, SETI@home, ChessBrain: Insecure installation)
GIMPS, SETI@home and ChessBrain ebuilds install user-owned binaries and
init scripts which are executed with root rights.
Impact
This could lead to a local privilege escalation or root compromise.
Workaround
There is no known workaround at this time.
Solution:
All GIMPS users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-sci/gimps-23.9-r1"
All SETI@home users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-sci/setiathome-3.03-r2"
All ChessBrain users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-sci/chessbrain-20407-r1"
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|