Scientific Linux Security Update : sudo on SL5.x i386/x86_64
Medium Nessus Plugin ID 60854
SynopsisThe remote Scientific Linux host is missing a security update.
DescriptionA flaw was found in the way sudo handled Runas specifications containing both a user and a group list. If a local user were authorized by the sudoers file to perform their sudo commands with the privileges of a specified user and group, they could use this flaw to run those commands with the privileges of either an arbitrary user or group on the system. (CVE-2010-2956)
SolutionUpdate the affected sudo package.