FreeBSD : newspost -- server response buffer overflow vulnerability (7f13607b-6948-11d9-8937-00065be4b5b6)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

The newspost program uses a function named socket_getline to read
server responses from the network socket. Unfortunately this function
does not check the length of the buffer in which the read data is
stored and only stops reading when a newline character is found.

A malicious NNTP server could use this bug to cause a buffer overflow
by sending an overly long response. Such an overflow allows arbitrary
code to be executed, with the privileges of the newspost process, on
the affected systems.

See also :

http://people.freebsd.org/~niels/issues/newspost-20050114.txt
http://www.nessus.org/u?82f3ac41

Solution :

Update the affected package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 19001 (freebsd_pkg_7f13607b694811d9893700065be4b5b6.nasl)

Bugtraq ID:

CVE ID: CVE-2005-0101

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now