This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
Two flaws were found in the way the libuser library handled the
/etc/passwd file. A local attacker could use an application compiled
against libuser (for example, userhelper) to manipulate the
/etc/passwd file, which could result in a denial of service or
possibly allow the attacker to escalate their privileges to root.
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.2
Public Exploit Available : true