CVE-2014-0476

2014-10-25T22:55:00
ID CVE-2014-0476
Type cve
Reporter cve@mitre.org
Modified 2017-09-19T01:36:00

Description

The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.