This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote Amazon Linux AMI host is missing a security update.
A flaw was found in the way the network matching code in sudo handled
multiple IP networks listed in user specification configuration
directives. A user, who is authorized to run commands with sudo on
specific hosts, could use this flaw to bypass intended restrictions
and run those commands on hosts not matched by any of the network
See also :
Run 'yum update sudo' to update your system.
Risk factor :
High / CVSS Base Score : 7.2
Family: Amazon Linux Local Security Checks
Nessus Plugin ID: 69600 ()
CVE ID: CVE-2012-2337