This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
Multiple flaws were found in the Python rgbimg module. If an
application written in Python was using the rgbimg module and loaded a
specially crafted SGI image file, it could cause the application to
crash or, possibly, execute arbitrary code with the privileges of the
user running the application. (CVE-2009-4134, CVE-2010-1449,
This update also fixes the following bugs :
- Python 2.3.4's time.strptime() function did not
correctly handle the '%W' week number format string.
This update backports the _strptime implementation from
Python 2.3.6, fixing this issue. (BZ#436001)
- Python 2.3.4's socket.htons() function returned
partially-uninitialized data on IBM System z, generally
leading to incorrect results. (BZ#513341)
- Python 2.3.4's pwd.getpwuid() and grp.getgrgid()
functions did not support the full range of user and
group IDs on 64-bit architectures, leading to
'OverflowError' exceptions for large input values. This
update adds support for the full range of user and group
IDs on 64-bit architectures. (BZ#497540)
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.5
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 60960 ()
CVE ID: CVE-2009-4134CVE-2010-1449CVE-2010-1450
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.