This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
There are 3 buffer overflows in jid.c that are triggered during
parsing of JID strings when components (user, host or resource) are
- jid.c, line 103: overflow in `str' buffer through strcpy() when
'user' part is too long.
- jid.c, line 115: overflow in `str' buffer through strcpy() when
'host' part is too long.
- jid.c, line 127: overflow in `str' buffer through strcpy() when
'resource' part is too long.
These overflows can be used to perform a DoS attack on the server (sm
process segfaults) and can possible be used for arbitrary code
See also :
Update the affected package.
Risk factor :
Family: FreeBSD Local Security Checks
Nessus Plugin ID: 19342 (freebsd_pkg_55041d37ff6211d9a9a5000ae4641456.nasl)
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now