How to Buy
This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
Colin Percival reports :
In versions 1.0.22 through 1.0.27 of Tarsnap, the CTR nonce value is
not incremented after each chunk is encrypted. (The CTR counter is
correctly incremented after each 16 bytes of data was processed, but
this counter is reset to zero for each new chunk.)
Note that since the Tarsnap client-server protocol is encrypted, being
able to intercept Tarsnap client-server traffic does not provide an
attacker with access to the data.
See also :
Update the affected package.
Risk factor :
Family: FreeBSD Local Security Checks
Nessus Plugin ID: 51567 ()
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.