FreeBSD : Open DC Hub -- remote buffer overflow vulnerability (cdf14b68-3ff9-11d9-8405-00065be4b5b6)

high Nessus Plugin ID 19127

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Donato Ferrante reported an exploitable buffer overflow in this software package. Any user that can login with 'admin' privileges can abuse it, trough the $RedirectAll command, to execute arbitrary code.

Solution

Update the affected package.

See Also

https://marc.info/?l=bugtraq&m=110144606411674

https://security.gentoo.org/glsa/200411-37

http://www.nessus.org/u?bd77f115

Plugin Details

Severity: High

ID: 19127

File Name: freebsd_pkg_cdf14b683ff911d9840500065be4b5b6.nasl

Version: 1.16

Type: local

Published: 7/13/2005

Updated: 1/6/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:opendchub, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 11/27/2004

Vulnerability Publication Date: 11/24/2004