This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
It was found that the xc_try_bzip2_decode() and xc_try_lzma_decode()
decode routines did not correctly check for a possible buffer size
overflow in the decoding loop. As well, several integer overflow flaws
and missing error/range checking were found that could lead to an
infinite loop. A privileged guest user could use these flaws to crash
the guest or, possibly, execute arbitrary code in the privileged
management domain (Dom0). (CVE-2011-1583)
The system must be rebooted for this update to take effect.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 6.9
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 61034 ()
CVE ID: CVE-2011-1583