Scientific Linux Security Update : nfs-utils-lib on SL4.x i386/x86_64
Critical Nessus Plugin ID 60253
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionTenable Network Security discovered a stack-based buffer overflow flaw in the RPC library used by nfs-utils-lib. A remote unauthenticated attacker who can access an application linked against nfs-utils-lib could trigger this flaw and cause the application to crash. On Red Hat Enterprise Linux 4 it is not possible to exploit this flaw to run arbitrary code as the overflow is blocked by FORTIFY_SOURCE.
SolutionUpdate the affected nfs-utils-lib and / or nfs-utils-lib-devel packages.