Debian Security Advisory

DLA-0002-1 chkrootkit -- LTS security update

Date Reported:

04 Jun 2014

Affected Packages:

chkrootkit

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2014-0476.

More information:

Thomas Stangner discovered a vulnerability in chkrootkit, a rootkit detector, which may allow local attackers to gain root access when /tmp is mounted without the noexec option.

For Debian 6 Squeeze, these issues have been fixed in chkrootkit version 0.49-4+deb6u1