This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
The conga packages provide a web-based administration tool for remote
cluster and storage management.
A privilege escalation flaw was found in luci, the Conga web-based
administration application. A remote attacker could possibly use this
flaw to obtain administrative access, allowing them to read, create,
or modify the content of the luci application. (CVE-2011-0720)
Users of Conga are advised to upgrade to these updated packages, which
contain a backported patch to resolve this issue. After installing the
updated packages, luci must be restarted ('service luci restart') for
the update to take effect.
See also :
Update the affected luci and / or ricci packages.
Risk factor :
High / CVSS Base Score : 7.5
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 60996 ()
CVE ID: CVE-2011-0720
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.