The system is missing one or more SuSE security patches. This update fixes a buffer overflow in ncplogin and ncpmap. Both applications are installed setuid-root on SuSE Linux, but only users of group 'trusted' are allowed to execute the binaries. If successfully exploited this vulnerabilities could be used to gain root locally.
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center