This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-201201-15
(ktsuss: Privilege escalation)
Two vulnerabilities have been found in ktuss:
Under specific circumstances, ktsuss skips authentication and fails
to change the effective UID back to the real UID (CVE-2011-2921).
The GTK interface spawned by the ktsuss binary is run as root
A local attacker could gain escalated privileges and use the
'GTK_MODULES' environment variable to possibly execute arbitrary code
with root privileges.
There is no known workaround at this time.
See also :
Gentoo discontinued support for ktsuss. We recommend that users unmerge
# emerge --unmerge 'x11-misc/ktsuss'
Risk factor :
High / CVSS Base Score : 7.2
CVSS Temporal Score : 5.3
Public Exploit Available : false