This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
Security Fix(es) :
- A stack overflow vulnerability was found in
_nss_dns_getnetbyname_r. On systems with nsswitch
configured to include 'networks: dns' with a privileged
or network-facing service that would attempt to resolve
user- provided network names, an attacker could provide
an excessively long network name, resulting in stack
corruption and code execution. (CVE-2016-3075)
This issue was discovered by Florian Weimer (Red Hat).
Additional Changes :
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 5.0