Scientific Linux Security Update : resteasy-base on SL7.x (noarch)

High Nessus Plugin ID 95859


The remote Scientific Linux host is missing one or more security updates.


Security Fix(es) :

- It was discovered that under certain conditions RESTEasy could be forced to parse a request with SerializableProvider, resulting in deserialization of potentially untrusted data. An attacker could possibly use this flaw to execute arbitrary code with the permissions of the application using RESTEasy.

Additional Changes :


Update the affected packages.

Plugin Details

Severity: High

ID: 95859

File Name: sl_20161103_resteasy_base_on_SL7_x.nasl

Version: $Revision: 3.3 $

Type: local

Agent: unix

Published: 2016/12/15

Modified: 2018/01/26

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P


Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: x-cpe:/o:fermilab:scientific_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 2016/11/03

Reference Information

CVE: CVE-2016-7050