Scientific Linux Security Update : libuser on SL6.x i386/x86_64 (20150723)
High Nessus Plugin ID 85210
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionTwo flaws were found in the way the libuser library handled the /etc/passwd file. A local attacker could use an application compiled against libuser (for example, userhelper) to manipulate the /etc/passwd file, which could result in a denial of service or possibly allow the attacker to escalate their privileges to root.
SolutionUpdate the affected packages.