This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-201702-10
(NTFS-3G: Privilege escalation)
The NTFS-3G driver does not properly clear environment variables before
invoking mount or umount.
This flaw is similar to the vulnerability described in
“GLSA-201701-19” and “GLSA-201603-04” referenced below but is now
implemented in the NTFS-3G driver itself.
A local user could gain root privileges.
There is no known workaround at this time. However, on Gentoo when the
“suid” USE flag is not set (which is the default) an attacker cannot
exploit the flaw.
See also :
All NTFS-3G users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=sys-fs/ntfs3g-2016.2.22-r2'
Risk factor :