This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
sam2p developers report :
In sam2p 0.49.3, a heap-based buffer overflow exists in the
pcxLoadImage24 function of the file in_pcx.cpp.
In sam2p 0.49.3, the in_xpm_reader function in in_xpm.cpp has an
integer signedness error, leading to a crash when writing to an
out-of-bounds array element.
In sam2p 0.49.3, an integer overflow exists in the pcxLoadImage24
function of the file in_pcx.cpp, leading to an invalid write
In sam2p 0.49.3, the pcxLoadRaster function in in_pcx.cpp has an
integer signedness error leading to a heap-based buffer overflow.
Because of an integer overflow in sam2p 0.49.3, a loop executes
0xffffffff times, ending with an invalid read of size 1 in the
Image::Indexed::sortPal function in image.cpp. However, this also
causes memory corruption because of an attempted write to the invalid
d[0xfffffffe] array element.
In sam2p 0.49.3, there is an invalid read of size 2 in the parse_rgb
function in in_xpm.cpp. However, this can also cause a write to an
See also :
Update the affected package.
Risk factor :
High / CVSS Base Score : 7.5
Family: FreeBSD Local Security Checks
Nessus Plugin ID: 103557 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now