Scientific Linux Security Update : glibc on SL5.x i386/x86_64
Medium Nessus Plugin ID 60874
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionIt was discovered that the glibc dynamic linker/loader did not handle the $ORIGIN dynamic string token set in the LD_AUDIT environment variable securely. A local attacker with write access to a file system containing setuid or setgid binaries could use this flaw to escalate their privileges. (CVE-2010-3847)
SolutionUpdate the affected packages.