Scientific Linux Security Update : dracut on SL6.x (noarch)

Low Nessus Plugin ID 71297


The remote Scientific Linux host is missing one or more security updates.


It was discovered that dracut created initramfs images as world readable. A local user could possibly use this flaw to obtain sensitive information from these files, such as iSCSI authentication passwords, encrypted root file system crypttab passwords, or other information. (CVE-2012-4453)


Update the affected packages.

See Also

Plugin Details

Severity: Low

ID: 71297

File Name: sl_20131121_dracut_on_SL6_x.nasl

Version: $Revision: 1.1 $

Type: local

Agent: unix

Published: 2013/12/10

Modified: 2013/12/10

Dependencies: 12634

Risk Information

Risk Factor: Low


Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: x-cpe:/o:fermilab:scientific_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 2013/11/21

Reference Information

CVE: CVE-2012-4453