This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing a security update.
A flaw was found in the way sudo handled Runas specifications
containing both a user and a group list. If a local user were
authorized by the sudoers file to perform their sudo commands with the
privileges of a specified user and group, they could use this flaw to
run those commands with the privileges of either an arbitrary user or
group on the system. (CVE-2010-2956)
See also :
Update the affected sudo package.
Risk factor :
Medium / CVSS Base Score : 6.2
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 60854 ()
CVE ID: CVE-2010-2956