This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
Colin Percival reports :
In versions 1.0.22 through 1.0.27 of Tarsnap, the CTR nonce value is
not incremented after each chunk is encrypted. (The CTR counter is
correctly incremented after each 16 bytes of data was processed, but
this counter is reset to zero for each new chunk.)
Note that since the Tarsnap client-server protocol is encrypted, being
able to intercept Tarsnap client-server traffic does not provide an
attacker with access to the data.
See also :
Update the affected package.
Risk factor :
Family: FreeBSD Local Security Checks
Nessus Plugin ID: 51567 ()
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.