Debian Security Advisory DSA 2945-1 (chkrootkit - Security Update) Network Vulnerability

Summary

Thomas Stangner discovered a vulnerability in chkrootkit, a rootkit detector, which may allow local attackers to gain root access when /tmp is mounted without the noexec option.

Solution

For the stable distribution (wheezy), this problem has been fixed in version 0.49-4.1+deb7u2. For the unstable distribution (sid), this problem has been fixed in version 0.49-5. We recommend that you upgrade your chkrootkit packages.

Insight

The chkrootkit security scanner searches the local system for signs that it is infected with a 'rootkit'. Rootkits are set of programs and hacks designed to take control of a target machine by using known security flaws.

Affected

chkrootkit on Debian Linux

Detection

This check tests the installed software version using the apt package manager.

References

http://www.debian.org/security/2014/dsa-2945.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-0476

CVSS	Base Score: 3.7 AV:L/AC:H/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 039-1 (glibc)
Debian Security Advisory DSA 1531-1 (policyd-weight)
Debian Security Advisory DSA 2649-1 (lighttpd - fixed socket name in world-writable directory)
Debian Security Advisory DSA 2731-1 (libgcrypt11 - information leak)
Debian Security Advisory DSA 1658-1 (dbus)

Debian Security Advisory DSA 2945-1 (chkrootkit - security update)

Take action and discover your vulnerabilities