arpwatch: Privilege escalation — GLSA 201607-16

arpwatch is vulnerable to the escalation of privileges.

Affected Packages

net-analyzer/arpwatch on all architectures
Affected versions < 2.1.15-r8
Unaffected versions >= 2.1.15-r8

Background

The ethernet monitor program; for keeping track of ethernet/ip address pairings.

Description

Arpwatch does not properly drop supplementary groups.

Impact

Attackers, if able to exploit arpwatch, could escalate privileges outside of the running process.

Workaround

There is no known workaround at this time.

Resolution

All arpwatch users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --verbose --oneshot ">=net-analyzer/arpwatch-2.1.15-r8"
 

References

Release Date
July 20, 2016

Latest Revision
July 20, 2016: 1

Severity
high

Exploitable
local, remote

Bugzilla entries