Vulnerabilities > CVE-2004-1116 - Local Security vulnerability in Linux
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The init scripts in Great Internet Mersenne Prime Search (GIMPS) 23.9 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 |
Nessus
NASL family | Gentoo Local Security Checks |
NASL id | GENTOO_GLSA-200411-26.NASL |
description | The remote host is affected by the vulnerability described in GLSA-200411-26 (GIMPS, SETI@home, ChessBrain: Insecure installation) GIMPS, SETI@home and ChessBrain ebuilds install user-owned binaries and init scripts which are executed with root privileges. Impact : This could lead to a local privilege escalation or root compromise. Workaround : There is no known workaround at this time. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 15754 |
published | 2004-11-18 |
reporter | This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/15754 |
title | GLSA-200411-26 : GIMPS, SETI@home, ChessBrain: Insecure installation |