Mandriva Linux Security Advisory : busybox (MDVSA-2015:031)

low Nessus Plugin ID 81197


The remote Mandriva Linux host is missing one or more security updates.


Updated busybox packages fix security vulnerability :

The modprobe command in busybox before 1.23.0 uses the basename of the module argument as the module to load, allowing arbitrary modules, even when some kernel subsystems try to prevent this (CVE-2014-9645).


Update the affected busybox and / or busybox-static packages.

See Also

Plugin Details

Severity: Low

ID: 81197

File Name: mandriva_MDVSA-2015-031.nasl

Version: 1.5

Type: local

Published: 2/6/2015

Updated: 1/6/2021

Risk Information


Risk Factor: Low

Score: 3.6


Risk Factor: Low

Base Score: 2.1

Temporal Score: 1.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:busybox, p-cpe:/a:mandriva:linux:busybox-static, cpe:/o:mandriva:business_server:1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 2/5/2015

Reference Information

CVE: CVE-2014-9645

BID: 72324

MDVSA: 2015:031