The slapper function in chkrootkit prior to 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 10.04 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 13.10 |
||
chkrootkit chkrootkit |