Scientific Linux Security Update : lzo on SL6.x i386/srpm/x86_64

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Synopsis :

The remote Scientific Linux host is missing one or more security

Description :

An integer overflow flaw was found in the way the lzo library
decompressed certain archives compressed with the LZO algorithm. An
attacker could create a specially crafted LZO-compressed input that,
when decompressed by an application using the lzo library, would cause
that application to crash or, potentially, execute arbitrary code.

For the update to take effect, all services linked to the lzo library
must be restarted or the system rebooted.

See also :

Solution :

Update the affected packages.

Risk factor :


Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 76448 ()

Bugtraq ID:

CVE ID: CVE-2014-4607

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now