Scientific Linux Security Update : systemtap on SL4.x, SL5.x i386/x86_64

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

A race condition was discovered in SystemTap that could allow users in
the stapusr group to elevate privileges to that of members of the
stapdev group (and hence root), bypassing directory confinement
restrictions and allowing them to insert arbitrary SystemTap kernel
modules. (CVE-2009-0784)

See also :

http://www.nessus.org/u?88d77243

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.9
(CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 60557 ()

Bugtraq ID:

CVE ID: CVE-2009-0784