This script is Copyright (C) 2008-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Updated libxslt packages that fix a security issue are now available
for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.
libxslt is a library for transforming XML files into other XML files
using the standard XSLT stylesheet transformation mechanism.
A heap buffer overflow flaw was discovered in the RC4 libxslt library
extension. An attacker could create a malicious XSL file that would
cause a crash, or, possibly, execute arbitrary code with the
privileges of the application using the libxslt library to perform XSL
transformations on untrusted XSL style sheets. (CVE-2008-2935)
Red Hat would like to thank Chris Evans for reporting this
All libxslt users are advised to upgrade to these updated packages,
which contain a backported patch to resolve this issue.
See also :
Update the affected libxslt, libxslt-devel and / or libxslt-python
Risk factor :
High / CVSS Base Score : 7.5
Family: Red Hat Local Security Checks
Nessus Plugin ID: 33784 ()
CVE ID: CVE-2008-2935