This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
Stanislav Brabec discovered errors in yamt's path name handling that
lead to buffer overflows and directory traversal issues. When
processing a file with a maliciously crafted ID3 tag, yamt might
overwrite arbitrary files or possibly execute arbitrary code.
The SuSE package ChangeLog contains :
- Several security fixes (#49337) :
- directory traversal in rename
- directory traversal in sort
- buffer overflow in sort
- buffer overflow in rename
See also :
Update the affected package.
Risk factor :
High / CVSS Base Score : 7.5
Family: FreeBSD Local Security Checks
Nessus Plugin ID: 19046 (freebsd_pkg_99b5cfa5d3d211d98ffb00061bc2ad93.nasl)
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now