Nessus Plugin ID 11188
Renaud Deraison
deraison at nessus.org
Fri Aug 27 11:21:21 EDT 2004
On Fri, Aug 27, 2004 at 09:16:05AM -0600, Christopher J Bidwell wrote:
> Hi all,
>
> I've been getting reports from various users that this plugin is false:
> Please read below:
>
> Nessus is claiming the XFS vulnerability could lead to a root compromise.
> The cited CERT announcement does NOT agree. CERT says it is a possible
> NOBODY compromise or a DoS of font service.
>
>
> The NOBODY user exists to own nothing and to be able to do nothing
> dangerous.

Except that a lot of people use "nobody" for many services, which ends
up allowing this user to do quite a lot of damage on badly administered
servers.

Also, the ability to execute local commands as any user may lead to root
privileges (there are many local flaws).

As a result, I'll correct the wording of the plugin (thanks!) but this
alert should not be ignored.