FreeBSD : leafnode -- fetchnews denial-of-service triggered by transmission abort/timeout (66dbb2ee-99b8-45b2-bb3e-640caea67a60)

This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

When an upstream server aborts the transmission or stops sending data
after the fetchnews program has requested an article header or body,
fetchnews may crash, without querying further servers that are
configured. This can prevent articles from being fetched.

See also :

http://leafnode.sourceforge.net/leafnode-SA-2005-01.txt
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=80663
http://www.nessus.org/u?77646edf
http://article.gmane.org/gmane.network.leafnode.announce/52
http://www.nessus.org/u?8c0608f3
http://www.nessus.org/u?3414844a
http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0037.html
http://www.frsirt.com/english/advisories/2005/0468
http://www.nessus.org/u?75e9ae46

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.3
(CVSS2#E:H/RL:OF/RC:C)
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 18966 (freebsd_pkg_66dbb2ee99b845b2bb3e640caea67a60.nasl)

Bugtraq ID: 13489
13492

CVE ID: CVE-2005-1453

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now