Scientific Linux Security Update : mcstrans on SL5.x i386/x86_64
Low Nessus Plugin ID 60289
SynopsisThe remote Scientific Linux host is missing a security update.
DescriptionAn algorithmic complexity weakness was found in the way the mcstrans daemon handled ranges of compartments in sensitivity labels. A local user could trigger this flaw causing mctransd to temporarily stop responding to other requests; a partial denial of service.
This update also fixes a problem where the mcstrans daemon was preventing SSH connections into an SELinux box, that was running a Multi-Level Security (MLS) Policy with multiple categories
SolutionUpdate the affected mcstrans package.