This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
Security Fix(es) :
- It was found that the original fix for CVE-2017-1000367
was incomplete. A flaw was found in the way sudo parsed
tty information from the process status file in the proc
filesystem. A local user with privileges to execute
commands via sudo could use this flaw to escalate their
privileges to root. (CVE-2017-1000368)
See also :
Update the affected sudo, sudo-debuginfo and / or sudo-devel packages.
Risk factor :
High / CVSS Base Score : 7.2