GLSA-201512-03 : GRUB: Authentication bypass

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote Gentoo host is missing one or more security-related
patches.

Description :

The remote host is affected by the vulnerability described in GLSA-201512-03
(GRUB: Authentication bypass)

An integer underflow in GRUB’s username/password authentication code
has been discovered.

Impact :

An attacker with access to the system console may bypass the username
prompt by entering a sequence of backspace characters, allowing them e.g.
to get full access to GRUB’s console or to load a customized kernel.

Workaround :

There is no known workaround at this time.

See also :

https://wiki.gentoo.org/wiki/GRUB2_Quick_Start
https://security.gentoo.org/glsa/201512-03

Solution :

All GRUB 2.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=sys-boot/grub-2.02_beta2-r8'
After upgrading, make sure to run the grub2-install command with options
appropriate for your system. See the GRUB2 Quick Start guide in the
references below for examples. Your system will be vulnerable until this
action is performed.

Risk factor :

Medium / CVSS Base Score : 6.9
(CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)

Family: Gentoo Local Security Checks

Nessus Plugin ID: 87516 ()

Bugtraq ID:

CVE ID: CVE-2015-8370

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now