This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.
The remote Red Hat host is missing a security update.
An updated cpio package that fixes a umask bug and supports large
files (>2GB) is now available.
This update has been rated as having low security impact by the Red
Hat Security Response Team
GNU cpio copies files into or out of a cpio or tar archive.
It was discovered that cpio uses a 0 umask when creating files using
the -O (archive) option. This creates output files with mode 0666 (all
can read and write) regardless of the user's umask setting. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CVE-1999-1572 to this issue.
All users of cpio should upgrade to this updated package, which
resolves this issue, and adds support for large files (> 2GB).
See also :
Update the affected cpio package.
Risk factor :
Low / CVSS Base Score : 2.1