This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-201603-02
(OSC: Shell command injection)
A vulnerability has been discovered that may allow remote attackers to
execute arbitrary commands via shell metacharacters in a _service file.
A remote attacker could possibly execute arbitrary code with the
privileges of the process.
There is no known work around at this time.
See also :
All OSC users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-util/osc-0.152.0'
Risk factor :
High / CVSS Base Score : 7.5