Scientific Linux Security Update : groovy on SL7.x (noarch)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

Security Fix(es) :

- It was found that a flaw in Apache groovy library allows
remote code execution wherever deserialization occurs in
the application. It is possible for an attacker to craft
a special serialized object that will execute code
directly when deserialized. All applications which rely
on serialization and do not isolate the code which
deserializes objects are subject to this vulnerability.
(CVE-2016-6814)

See also :

http://www.nessus.org/u?ade748c9

Solution :

Update the affected groovy and / or groovy-javadoc packages.

Risk factor :

High

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 102675 ()

Bugtraq ID:

CVE ID: CVE-2016-6814

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now