This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing a security update.
The flash-plugin package on Red Hat Enterprise Linux 4 contains
multiple security flaws and should no longer be used. This is the
1-month notification of Red Hat's plans to disable Adobe Flash Player
9 on Red Hat Enterprise Linux 4.
The Red Hat Security Response Team has rated this update as having
critical security impact.
The flash-plugin package contains a Mozilla Firefox compatible Adobe
Flash Player web browser plug-in.
Adobe Flash Player 9 is vulnerable to critical security flaws and
should no longer be used. A remote attacker could use these flaws to
execute arbitrary code with the privileges of the user running Flash
Player 9. (CVE-2011-0558, CVE-2011-0559, CVE-2011-0560, CVE-2011-0561,
CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574,
CVE-2011-0575, CVE-2011-0577, CVE-2011-0578, CVE-2011-0607,
Adobe is no longer providing security updates for Adobe Flash Player
9, and is not providing a replacement Flash Player version compatible
with Red Hat Enterprise Linux 4.
In one month Red Hat plans to release an update for the flash-plugin
package that will prevent it from functioning. User wishing to
continue using Flash Player 9, despite the vulnerabilities, can add
the flash-plugin package to the up2date skip list. Refer to the
following Red Hat Knowledgebase article for instructions on adding a
package to the up2date skip list:
See also :
Update the affected flash-plugin package.
Risk factor :
High / CVSS Base Score : 9.3
Public Exploit Available : true
Family: Red Hat Local Security Checks
Nessus Plugin ID: 63971 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now