This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
The sudo (superuser do) utility allows system administrators to give
certain users the ability to run commands as root.
A flaw was found in the way the network matching code in sudo handled
multiple IP networks listed in user specification configuration
directives. A user, who is authorized to run commands with sudo on
specific hosts, could use this flaw to bypass intended restrictions
and run those commands on hosts not matched by any of the network
All users of sudo are advised to upgrade to this updated package,
which contains a backported patch to correct this issue.
See also :
Update the affected sudo and / or sudo-debuginfo packages.
Risk factor :
High / CVSS Base Score : 7.2
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 61363 ()
CVE ID: CVE-2012-2337