This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
This update for atheme fixes the following issues :
- CVE-2016-4478: Under certain circumstances, a remote
attacker could cause denial of service due to a buffer
overflow in the XMLRPC response encoding code
- CVE-2014-9773: Remote attacker could change Atheme's
behavior by registering/dropping certain accounts/nicks
The version update to 7.2.6 also contains a number of upstream fixes.
See also :
Update the affected atheme packages.
Risk factor :
Medium / CVSS Base Score : 5.0