Test ID:	1.3.6.1.4.1.25623.1.0.120499
Category:	Amazon Linux Local Security Checks
Title:	Amazon Linux: Security Advisory (ALAS-2014-400)
Summary:	The remote host is missing an update for the 'glibc' package(s) announced via the ALAS-2014-400 advisory.
Description:	Summary: The remote host is missing an update for the 'glibc' package(s) announced via the ALAS-2014-400 advisory. Vulnerability Insight: A directory traversal flaw was found in the way glibc loaded locale files. An attacker able to make an application use a specially crafted locale name value (for example, specified in an LC_* environment variable) could possibly use this flaw to execute arbitrary code with the privileges of that application. Affected Software/OS: 'glibc' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0475 BugTraq ID: 68505 http://www.securityfocus.com/bid/68505 Debian Security Information: DSA-2976 (Google Search) http://www.debian.org/security/2014/dsa-2976 https://security.gentoo.org/glsa/201602-02 http://www.mandriva.com/security/advisories?name=MDVSA-2014:152 http://www.openwall.com/lists/oss-security/2014/07/10/7 http://www.openwall.com/lists/oss-security/2014/07/14/6 RedHat Security Advisories: RHSA-2014:1110 https://rhn.redhat.com/errata/RHSA-2014-1110.html http://www.securitytracker.com/id/1030569
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.