How to Buy
This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing a security update.
A flaw was found in the way sudo handled the presence of duplicated
environment variables. A local user authorized to run commands using
sudo could use this flaw to set additional values for the environment
variables set by sudo, which could result in those values being used
by the executed command instead of the values set by sudo. This could
possibly lead to certain intended restrictions being bypassed, such as
the secure_path setting. (CVE-2010-1646)
See also :
Update the affected sudo package.
Risk factor :
Medium / CVSS Base Score : 6.2
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 60803 ()
CVE ID: CVE-2010-1646
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.