This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
An off-by-one heap-based buffer overflow flaw was found in glibc's
internal __gconv_translit_find() function. An attacker able to make an
application call the iconv_open() function with a specially crafted
argument could possibly use this flaw to execute arbitrary code with
the privileges of that application. (CVE-2014-5119)
A directory traversal flaw was found in the way glibc loaded locale
files. An attacker able to make an application use a specially crafted
locale name value (for example, specified in an LC_* environment
variable) could possibly use this flaw to execute arbitrary code with
the privileges of that application. (CVE-2014-0475)
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.5