This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
Todd C. Miller reports :
A race condition in Sudo's command pathname handling prior to Sudo
version 1.6.8p9 that could allow a user with Sudo privileges to run
Exploitation of the bug requires that the user be allowed to run one
or more commands via Sudo and be able to create symbolic links in the
filesystem. Furthermore, a sudoers entry giving another user access to
the ALL pseudo-command must follow the user's sudoers entry for the
race to exist.
See also :
Update the affected package.
Risk factor :
Low / CVSS Base Score : 3.7
CVSS Temporal Score : 3.2
Public Exploit Available : true