Summary
Check the version of elfutils
Solution
Please Install the Updated Packages.
Insight
Alexander Cherepanov discovered that libelf1
incorrectly handled certain filesystem paths while extracting ar archives. An attacker could use this flaw to perform a directory traversal attack on the root directory if the process extracting the ar archive has write access to the root directory.
Affected
elfutils on Ubuntu 14.10 ,
Ubuntu 14.04 LTS ,
Ubuntu 12.04 LTS ,
Ubuntu 10.04 LTS
Detection
Get the installed version with the help of
detect NVT and check if the version is vulnerable or not.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2014-9447 -
CVSS Base Score: 6.4
AV:N/AC:L/Au:N/C:N/I:P/A:P
Related Vulnerabilities