This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
Steve Grubb discovered a flaw in the way coolkey created a temporary
directory. A local attacker could perform a symlink attack and cause
arbitrary files to be overwritten. (CVE-2007-4129)
In addition, the updated packages contain fixes for the following bugs
in the CAC Smart Card support :
- CAC Smart Cards can have from 1 to 3 certificates. The
coolkey driver, however, was not recognizing cards if
they had less than 3 certificates.
- logging into a CAC Smart Card token with a new
application would cause other, already authenticated,
applications to lose their login status unless the Smart
Card was then removed from the reader and re-inserted
See also :
Update the affected coolkey and / or coolkey-devel packages.
Risk factor :
Low / CVSS Base Score : 3.3
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 60285 ()
CVE ID: CVE-2007-4129
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.