This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing a security update.
A flaw was found in the way sudo handled the presence of duplicated
environment variables. A local user authorized to run commands using
sudo could use this flaw to set additional values for the environment
variables set by sudo, which could result in those values being used
by the executed command instead of the values set by sudo. This could
possibly lead to certain intended restrictions being bypassed, such as
the secure_path setting. (CVE-2010-1646)
See also :
Update the affected sudo package.
Risk factor :
Medium / CVSS Base Score : 6.2
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 60803 ()
CVE ID: CVE-2010-1646