FreeBSD : newsfetch -- server response buffer overflow vulnerability (76e0b133-6bfd-11d9-a5df-00065be4b5b6)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

The newsfetch program uses the sscanf function to read information
from server responses into static memory buffers. Unfortunately this
is done without any proper bounds checking. As a result long server
responses may cause an overflow when a newsgroup listing is requested
from an NNTP server.

See also :

http://people.freebsd.org/~niels/issues/newsfetch-20050119.txt
http://www.nessus.org/u?ce150873

Solution :

Update the affected package.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 18987 (freebsd_pkg_76e0b1336bfd11d9a5df00065be4b5b6.nasl)

Bugtraq ID:

CVE ID: CVE-2005-0132

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now