This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
Security Fix(es) :
- It was discovered xmlsec1's use of libxml2 inadvertently
enabled external entity expansion (XXE) along with
validation. An attacker could craft an XML file that
would cause xmlsec1 to try and read local files or
HTTP/FTP URLs, leading to information disclosure or
denial of service. (CVE-2017-1000061)
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 5.8