This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.
The remote Amazon Linux AMI host is missing a security update.
The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before
0.1.5 performs an incorrect cast, which allows remote attackers to
cause a denial of service (application crash) and possibly execute
arbitrary code via crafted tags in a YAML document, which triggers a
heap-based buffer overflow.
See also :
Run 'yum update libyaml' to update your system.
Risk factor :
Medium / CVSS Base Score : 6.8
Family: Amazon Linux Local Security Checks
Nessus Plugin ID: 72747 ()
CVE ID: CVE-2013-6393