The remote host is missing updates announced in advisory GLSA 200407-16.
Users are encouraged to upgrade to the latest available sources for their system: # emerge sync # emerge -pv your-favorite-sources # emerge your-favorite-sources # # Follow usual procedure for compiling and installing a kernel. # # If you use genkernel, run genkernel as you would do normally. http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200407-16 http://bugs.gentoo.org/show_bug.cgi?id=56171 http://bugs.gentoo.org/show_bug.cgi?id=56479 http://www.securityfocus.com/archive/1/367977
Multiple permission vulnerabilities have been found in the Linux kernel, allowing an attacker to change the group IDs of files mounted on a remote filesystem (CVE-2004-0497), as well as an issue in 2.6 series kernels which allows /proc permissions to be bypassed. A context sharing vulnerability in vserver-sources is also handled by this advisory as well as CVE-2004-0447, CVE-2004-0496 and CVE-2004-0565. Patched, or updated versions of these kernels have been released and details are included along with this advisory.
CVE CVE-2004-0447, CVE-2004-0496, CVE-2004-0497, CVE-2004-0565
CVSS Base Score: 7.2