FreeBSD : mcweject -- exploitable buffer overflow (84d3fbb2-e607-11db-8a32-000c76189c4c)

This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

CVE reports :

Buffer overflow in eject.c in Jason W. Bacon mcweject 0.9 on FreeBSD,
and possibly other versions, allows local users to execute arbitrary
code via a long command line argument, possibly involving the device
name.

See also :

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=111365
http://www.nessus.org/u?56ba8524

Solution :

Update the affected package.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 25017 (freebsd_pkg_84d3fbb2e60711db8a32000c76189c4c.nasl)

Bugtraq ID:

CVE ID: CVE-2007-1719

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now