Scientific Linux Security Update : libuser on SL6.x i386/x86_64
High Nessus Plugin ID 85210
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionTwo flaws were found in the way the libuser library handled the /etc/passwd file. A local attacker could use an application compiled against libuser (for example, userhelper) to manipulate the /etc/passwd file, which could result in a denial of service or possibly allow the attacker to escalate their privileges to root.
SolutionUpdate the affected packages.