FreeBSD : fd_set -- bitmap index overflow in multiple applications (4c005a5e-2541-4d95-80a0-00c76919aa66)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

3APA3A reports :

If programmer fails to check socket number before using select() or
fd_set macros, it's possible to overwrite memory behind fd_set
structure. Very few select() based application actually check
FD_SETSIZE value. [...]

Depending on vulnerable application it's possible to overwrite
portions of memory. Impact is close to off-by-one overflows, code
execution doesn't seems exploitable.

See also :

http://web.archive.org/web/20050429014203/http://www.gotbnc.com/cha
http://www.security.nnov.ru/advisories/sockets.asp
http://marc.info/?l=bugtraq&m=110660879328901
http://www.nessus.org/u?0cb0688d

Solution :

Update the affected packages.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 18929 (freebsd_pkg_4c005a5e25414d9580a000c76919aa66.nasl)

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now