This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
This update fixes the following security issues :
- It was found that the Xen hypervisor implementation did
not perform range checking on the guest provided values
in multiple hypercalls. A privileged guest user could
use this flaw to trigger long loops, leading to a denial
of service (Xen hypervisor hang). (CVE-2012-5515,
- It was found that when running a 32-bit binary that uses
a large number of shared libraries, one of the libraries
would always be loaded at a predictable address in
memory. An attacker could use this flaw to bypass the
Address Space Layout Randomization (ASLR) security
feature. (CVE-2012-1568, Low)
- A flaw was found in the way the Linux kernel's IPv6
implementation handled overlapping, fragmented IPv6
packets. A remote attacker could potentially use this
flaw to bypass protection mechanisms (such as a firewall
or intrusion detection system (IDS)) when sending
network packets to a target system. (CVE-2012-4444, Low)
The system must be rebooted for this update to take effect.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 5.0
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 63677
CVE ID: CVE-2012-1568, CVE-2012-4444, CVE-2012-5515