MidnightBSD

Advisories for chkrootkit

CVE-2014-0476 LOW

The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 14.04
chkrootkit chkrootkit *
canonical ubuntu_linux 12.04
canonical ubuntu_linux 10.04
canonical ubuntu_linux 13.10