Scientific Linux Security Update : libtirpc on SL6.x i386/srpm/x86_64
Medium Nessus Plugin ID 66709
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionA flaw was found in the way libtirpc decoded RPC requests. A specially- crafted RPC request could cause libtirpc to attempt to free a buffer provided by an application using the library, even when the buffer was not dynamically allocated. This could cause an application using libtirpc, such as rpcbind, to crash. (CVE-2013-1950)
All running applications using libtirpc must be restarted for the update to take effect.
SolutionUpdate the affected libtirpc, libtirpc-debuginfo and / or libtirpc-devel packages.