This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
Multiple denial of service flaws were found in the way the Ruby REXML
XML parser performed expansion of parameter entities. A specially
crafted XML document could cause REXML to use an excessive amount of
CPU and memory. (CVE-2014-8080, CVE-2014-8090)
A stack-based buffer overflow was found in the implementation of the
Ruby Array pack() method. When performing base64 encoding, a single
byte could be written past the end of the buffer, possibly causing
Ruby to crash. (CVE-2014-4975)
All running instances of Ruby need to be restarted for this update to
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 5.0