Scientific Linux Security Update : rest on SL7.x x86_64

Medium Nessus Plugin ID 87572


The remote Scientific Linux host is missing one or more security updates.


It was found that the OAuth implementation in librest, a helper library for RESTful services, incorrectly truncated the pointer returned by the rest_proxy_call_get_url call. An attacker could use this flaw to crash an application using the librest library.

After installing the update, all applications using librest must be restarted for the update to take effect.


Update the affected rest, rest-debuginfo and / or rest-devel packages.

See Also

Plugin Details

Severity: Medium

ID: 87572

File Name: sl_20151119_rest_on_SL7_x.nasl

Version: 2.4

Type: local

Agent: unix

Published: 2015/12/22

Updated: 2018/12/28

Dependencies: 12634

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS v3.0

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vulnerability Information

CPE: x-cpe:/o:fermilab:scientific_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 2015/11/19

Reference Information

CVE: CVE-2015-2675