Scientific Linux Security Update : nss_ldap on SL3.x i386/x86_64

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing a security update.

Description :

When the nss_ldap plug-in attempted to format the list of a group's
members for an application, it did not correctly detect when the space
provided to store that list was insufficient. For large groups, this
resulted in a corrupt heap, which typically resulted in the calling
application crashing, or a segmentation fault.

See also :

http://www.nessus.org/u?2ef7998b

Solution :

Update the affected nss_ldap package.

Risk factor :

High

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 60397 ()

Bugtraq ID:

CVE ID: