Scientific Linux Security Update : openssh on SL7.x x86_64 (20161103)
High Nessus Plugin ID 95851
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSecurity Fix(es) :
- It was discovered that the OpenSSH sshd daemon fetched PAM environment settings before running the login program. In configurations with UseLogin=yes and the pam_env PAM module configured to read user environment settings, a local user could use this flaw to execute arbitrary code as root. (CVE-2015-8325)
Additional Changes :
SolutionUpdate the affected packages.