GLSA-200409-11 : star: Suid root vulnerability
High Nessus Plugin ID 14675
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200409-11 (star: Suid root vulnerability)
A suid root vulnerability exists in versions of star that are configured to use ssh for remote tape access.
Attackers with local user level access could potentially gain root level access.
There is no known workaround at this time.
SolutionAll star users should upgrade to the latest version:
# emerge sync # emerge -pv '>=app-arch/star-1.5_alpha46' # emerge '>=app-arch/star-1.5_alpha46'