This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
The newsgrab script creates files by using the names provided in the
newsgroup messages in a perl open() call. This is done without
performing any security checks to prevent a directory traversal. A
specially crafted newsgroup message could cause newsgrab to drop an
attachment anywhere on the file system using the permissions of the
user running the script.
See also :
Update the affected package.
Risk factor :