|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200510-13] SPE: Insecure file permissions Vulnerability Scan
Vulnerability Scan Summary SPE: Insecure file permissions
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200510-13
(SPE: Insecure file permissions)
It was reported that due to an oversight all SPE's files are set
as world-writeable.
Impact
A local attacker could modify the executable files, causing
arbitrary code to be executed with the permissions of the user running
SPE.
Workaround
There is no known workaround at this time.
Solution:
All SPE users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose dev-util/spe
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|