RHEL 4 : redhat-release (EOL Notice) (RHSA-2011:0259)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.

Synopsis :

The remote Red Hat host is missing a security update.

Description :

The flash-plugin package on Red Hat Enterprise Linux 4 contains
multiple security flaws and should no longer be used. This is the
1-month notification of Red Hat's plans to disable Adobe Flash Player
9 on Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having
critical security impact.

The flash-plugin package contains a Mozilla Firefox compatible Adobe
Flash Player web browser plug-in.

Adobe Flash Player 9 is vulnerable to critical security flaws and
should no longer be used. A remote attacker could use these flaws to
execute arbitrary code with the privileges of the user running Flash
Player 9. (CVE-2011-0558, CVE-2011-0559, CVE-2011-0560, CVE-2011-0561,
CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574,
CVE-2011-0575, CVE-2011-0577, CVE-2011-0578, CVE-2011-0607,

Adobe is no longer providing security updates for Adobe Flash Player
9, and is not providing a replacement Flash Player version compatible
with Red Hat Enterprise Linux 4.

In one month Red Hat plans to release an update for the flash-plugin
package that will prevent it from functioning. User wishing to
continue using Flash Player 9, despite the vulnerabilities, can add
the flash-plugin package to the up2date skip list. Refer to the
following Red Hat Knowledgebase article for instructions on adding a
package to the up2date skip list:

See also :


Solution :

Update the affected flash-plugin package.

Risk factor :

High / CVSS Base Score : 9.3
Public Exploit Available : true

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now