This script is Copyright (C) 2017 Tenable Network Security, Inc.
A malicious kernel module is potentially installed on the remote Linux
According to diagnostic indicators, the remote Red Hat Enterprise
Linux or CentOS host may have a malicious kernel module known as
OutlawCountry installed. OutlawCountry creates a hidden netfilter
table that allows an authenticated attacker to covertly override
existing netfilter/iptables firewall rules.
Note that only RHEL and CentOS 6.x operating systems running kernel
version 2.6.32 (64-bit) are reportedly affected. OutlawCountry was
disclosed on 2017/06/30 by WikiLeaks as part of their ongoing
'Vault 7' series of leaks.
See also :
Refer to the referenced Red Hat solution article.
Risk factor :
High / CVSS Base Score : 9.0
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now