This script is Copyright (C) 2005-2015 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
The argument parser of the fetch command suffers a bug very similiar
to the partial command problem. Arguments like 'body[p', 'binary[p' or
'binary[p' will be wrongly detected and the bufferposition can point
outside of the allocated buffer for the rest of the parsing process.
When the parser triggers the PARSE_PARTIAL macro after such a
malformed argument was received this can lead to a similiar one byte
memory corruption and allows remote code execution, when the heap
layout was successfully controlled by the attacker.
See also :
Update the affected packages.
Risk factor :
Critical / CVSS Base Score : 10.0