This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
It was discovered that the multipathd daemon set incorrect permissions
on the socket used to communicate with command line clients. An
unprivileged, local user could use this flaw to send commands to
multipathd, resulting in access disruptions to storage devices
accessible via multiple paths and, possibly, file system corruption on
these devices. (CVE-2009-0115)
The multipathd service must be restarted for the changes to take
Important: the version of the multipathd daemon in Scientific Linux 5
has a known issue which may cause a machine to become unresponsive
when the multipathd service is stopped. Until this issue is resolved,
we recommend restarting the multipathd service by issuing the
following commands in sequence :
# killall -KILL multipathd
# service multipathd restart
See also :
Update the affected device-mapper-multipath and / or kpartx packages.
Risk factor :
High / CVSS Base Score : 7.2
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 60562 ()
CVE ID: CVE-2009-0115
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.