This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.
The remote SuSE 11 host is missing one or more security updates.
This update of glibc fixes the following bugs and security issues :
- The implementation of initgroups() of the nss_compat
module omits all NIS groups at the second invocation
within the same process, and also uses a needlessly
inefficient method to determine the NIS groups.
- An integer overflow that allows arbitrary code execution
by running ld.so --verify could be exploited by a
specially crafted binary. (CVE-2010-0830)
- The addmntent() function does not escape the newline
character properly, allowing the user to insert
arbitrary newlines to /etc/mtab. This could be exploited
to insert custom entries into /etc/mtab if addmntent()
gets called by a setuid mount binary that does not
perform extra input checking. (CVE-2010-0296)
See also :
Apply SAT patch number 2700.
Risk factor :
High / CVSS Base Score : 7.2