FreeBSD : nagios -- denial of service vulnerability (ba04a373-7d20-11e3-8992-00132034b086)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Eric Stanley reports :

Most CGIs previously incremented the input variable counter twice when
it encountered a long key value. This could cause the CGI to read past
the end of the list of CGI variables.

See also :

http://www.nessus.org/u?f4c8faa9
https://bugzilla.redhat.com/show_bug.cgi?id=1046113
http://www.nessus.org/u?e5a50228

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 6.4
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 71961 ()

Bugtraq ID:

CVE ID: CVE-2013-7108
CVE-2013-7205