This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote Oracle Linux host is missing a security update.
From Red Hat Security Advisory 2008:0946 :
An updated ed package that fixes one security issue is now available
for Red Hat Enterprise Linux 2.1, 3, 4 and 5.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.
ed is a line-oriented text editor, used to create, display, and modify
text files (both interactively and via shell scripts).
A heap-based buffer overflow was discovered in the way ed, the GNU
line editor, processed long file names. An attacker could create a
file with a specially crafted name that could possibly execute an
arbitrary code when opened in the ed editor. (CVE-2008-3916)
Users of ed should upgrade to this updated package, which contains a
backported patch to resolve this issue.
See also :
Update the affected ed package.
Risk factor :
High / CVSS Base Score : 9.3
Family: Oracle Linux Local Security Checks
Nessus Plugin ID: 67757 ()
CVE ID: CVE-2008-3916