Amazon Linux AMI : usermode / libuser (ALAS-2015-572)
Severity: High
Nessus Plugin ID 84964

Synopsis
The remote Amazon Linux AMI host is missing a security update.

Description
It was found that libuser, as used in the chfn userhelper functionality, does not properly filter out newline characters, which allows an authenticated local attacker to corrupt the /etc/passwd file and cause a denial of service against the system. (CVE-2015-3245)
A flaw was found in the way the libuser library handled the /etc/passwd file. A local attacker could use an application compiled against libuser (for example, userhelper) to manipulate the /etc/passwd file, which could result in a denial of service or possibly allow the attacker to escalate their privileges to root.

Solution
Run 'yum update usermode libuser' to update your system.
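
The following is an added example, not part of the advisory or of the libuser or usermode projects: a shell function that audits a passwd-format file for the kind of damage described above (records broken by an embedded newline), and also flags non-root UID 0 entries and duplicate names. The function name `audit_passwd` and the sample records are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a passwd-format file for structural damage.
# audit_passwd and the sample records below are constructed for illustration.

# audit_passwd FILE
# Prints "<line>: <reason>" per finding; returns 1 if anything was found.
audit_passwd() {
    awk -F: '
        # A record split by an embedded newline no longer has 7 fields.
        NF != 7 {
            printf "%d: expected 7 fields, found %d\n", NR, NF
            bad = 1; next
        }
        $1 == "" {
            printf "%d: empty user name\n", NR
            bad = 1; next
        }
        $3 !~ /^[0-9]+$/ || $4 !~ /^[0-9]+$/ {
            printf "%d: non-numeric UID or GID for %s\n", NR, $1
            bad = 1; next
        }
        # Any UID 0 entry other than root deserves a manual look.
        $3 + 0 == 0 && $1 != "root" {
            printf "%d: UID 0 assigned to %s\n", NR, $1
            bad = 1
        }
        seen[$1]++ {
            printf "%d: duplicate user name %s\n", NR, $1
            bad = 1
        }
        END { exit bad + 0 }
    ' "$1"
}

# Constructed sample: the third record was broken in two by a newline in GECOS.
sample=$(mktemp)
cat > "$sample" <<'EOF'
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob
,,,:/home/bob:/bin/bash
EOF
audit_passwd "$sample" || echo "passwd audit: findings listed above"
rm -f "$sample"
```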