This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
Problem Description

Two problems related to extraction of files exist in gzip :

The first problem is that gzip does not properly sanitize filenames containing '/' when uncompressing files using the -N command line option.

The second problem is that gzip does not set permissions on newly extracted files until after the file has been created and the file descriptor has been closed.

Impact

The first problem can allow an attacker to overwrite arbitrary local files when uncompressing a file using the -N command line option.

The second problem can allow a local attacker to change the permissions of arbitrary local files, on the same partition as the one the user is uncompressing a file on, by removing the file the user is uncompressing and replacing it with a hardlink before the uncompress operation is finished.

Workaround

Do not use the -N command line option on untrusted files and do not uncompress files in directories where untrusted users have write access.
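The two defensive patterns the description points to, shown as an added example (this is not gzip's code and not part of the plugin): reduce a stored name to its final path component, and set the final mode through the still-open descriptor rather than by path after closing. The names `safe_stored_name` and `restore_file` are hypothetical, and the sample name in `main` is constructed.

```c
#include <fcntl.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Reduce an untrusted stored name to its final path component.
 * Returns NULL when nothing usable remains ("", ".", "..", "dir/"). */
const char *safe_stored_name(const char *stored)
{
    const char *slash = strrchr(stored, '/');
    const char *base = slash ? slash + 1 : stored;

    if (*base == '\0' || strcmp(base, ".") == 0 || strcmp(base, "..") == 0)
        return NULL;
    return base;
}

/* Hypothetical helper: write len bytes to the sanitized name in the
 * current directory and apply the final mode before closing. */
int restore_file(const char *stored, const void *data, size_t len, mode_t mode)
{
    const char *name = safe_stored_name(stored);
    if (name == NULL)
        return -1;

    /* O_EXCL: fail if the name already exists, including as a symlink.
     * 0600: no window in which other users can read partial output. */
    int fd = open(name, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0)
        return -1;

    int ok = write(fd, data, len) == (ssize_t)len
          /* fchmod acts on the open descriptor, so replacing the path
           * with a hardlink cannot redirect the permission change. */
          && fchmod(fd, mode & 07777) == 0;
    if (close(fd) != 0)
        ok = 0;
    if (!ok)
        unlink(name);
    return ok ? 0 : -1;
}

/* Constructed sample: a stored name that tries to leave the directory. */
int main(void) { return restore_file("../../tmp/demo.txt", "hi\n", 3, 0640) ? 1 : 0; }
```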
Update the affected package.
Risk factor :
Medium / CVSS Base Score : 5.0
Family: FreeBSD Local Security Checks
Nessus Plugin ID: 18960 (freebsd_pkg_63bd4baddffe11d9b8750001020eed82.nasl)