How to Buy
This script is Copyright (C) 2004-2015 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200409-18
(cdrtools: Local root vulnerability in cdrecord if set SUID root)
Max Vozeler discovered that the cdrecord utility, when set to SUID root,
fails to drop root privileges before executing a user-supplied RSH program.
By default, Gentoo does not ship the cdrecord utility as SUID root and
therefore is not vulnerable. However, many users (and CD-burning
front-ends) set this manually after installation.
A local attacker could specify a malicious program using the $RSH
environment variable and have it executed by the SUID cdrecord, resulting
in root privileges escalation.
As a workaround, you could remove the SUID rights from your cdrecord
# chmod a-s /usr/bin/cdrecord
See also :
All cdrtools users should upgrade to the latest version:
# emerge sync
# emerge -pv '>=app-cdr/cdrtools-2.01_alpha37-r1'
# emerge '>=app-cdr/cdrtools-2.01_alpha37-r1'
Risk factor :
High / CVSS Base Score : 7.2
Family: Gentoo Local Security Checks
Nessus Plugin ID: 14746 (gentoo_GLSA-200409-18.nasl)
CVE ID: CVE-2004-0806
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.