CATEGORY: Gentoo Local Security Checks | RISK: High | ADDED: 31 Jan 2012
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-201201-15
(ktsuss: Privilege escalation)
Two vulnerabilities have been found in ktsuss: Under specific circumstances, ktsuss skips authentication and fails to change the effective UID back to the real UID (CVE-2011-2921). The GTK interface spawned by the ktsuss binary is run as root (CVE-2011-2922).
A local attacker could gain escalated privileges and use the 'GTK_MODULES' environment variable to possibly execute arbitrary code with root privileges.
There is no known workaround at this time.
Gentoo discontinued support for ktsuss. We recommend that users unmerge ktsuss:
# emerge --unmerge 'x11-misc/ktsuss'