This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.
The remote Scientific Linux host is missing a security update.

CVE-2007-4476 tar/cpio stack crashing in safer_name_suffix
CVE-2010-0624 tar, cpio: Heap-based buffer overflow by expanding a specially crafted archive

A heap-based buffer overflow flaw was found in the way tar expanded
archive files. If a user were tricked into expanding a specially
crafted archive, it could cause the tar executable to crash or execute
arbitrary code with the privileges of the user running tar.
(CVE-2010-0624)

A denial of service flaw was found in the way tar expanded archive
files. If a user expanded a specially crafted archive, it could cause
the tar executable to crash. (CVE-2007-4476) - SL4 and SL5 only

Update the affected tar package.

Risk factor: High / CVSS Base Score: 7.5