FreeBSD : gnutls -- file overwrite by setuid programs (9c196cfd-2ccc-11e6-94b0-0011d823eebd)

high Nessus Plugin ID 91510

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

gnutls.org reports :

Setuid programs using GnuTLS 3.4.12 could potentially allow an attacker to overwrite and corrupt arbitrary files in the filesystem.

Solution

Update the affected package.

See Also

https://gnutls.org/security.html#GNUTLS-SA-2016-1

http://www.nessus.org/u?b2fb43ec

Plugin Details

Severity: High

ID: 91510

File Name: freebsd_pkg_9c196cfd2ccc11e694b00011d823eebd.nasl

Version: 2.3

Type: local

Published: 6/8/2016

Updated: 1/4/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:gnutls, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 6/7/2016

Vulnerability Publication Date: 6/6/2016