Scientific Linux Security Update : libuser on SL7.x x86_64
High Nessus Plugin ID 85004
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionTwo flaws were found in the way the libuser library handled the /etc/passwd file. A local attacker could use an application compiled against libuser (for example, userhelper) to manipulate the /etc/passwd file, which could result in a denial of service or possibly allow the attacker to escalate their privileges to root.
SolutionUpdate the affected packages.