Linux Daemons with Broken Links to Executables

Critical Nessus Plugin ID 44657


A daemon on the remote Linux host may need to be restarted.


By examining the '/proc' filesystem on the remote Linux host, Nessus has identified at least one currently-running daemon for which the link to the corresponding executable is broken.

This can occur when the executable associated with a daemon is replaced on disk but the daemon itself has not been restarted. And if the changes are security-related, the system may remain vulnerable to attack until the daemon is restarted.

Alternatively, it could result from an attacker removing files in an effort to hide malicious activity.


Inspect each reported daemon to determine why the link to the executable is broken.

Plugin Details

Severity: Critical

ID: 44657

File Name: daemons_with_broken_links.nasl

Version: $Revision: 1.6 $

Type: local

Family: Misc.

Published: 2010/02/17

Modified: 2015/10/21

Dependencies: 25221

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: Host/uname, Host/Listeners/Check