This script is Copyright (C) 2007-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
Lighttpd SA :
Lighttpd caches the rendered string for mtime. The cache key has as a
default value 0. At that point the pointer to the string are still
NULL. If a file with an mtime of 0 is requested it tries to access the
pointer and crashes.
The bug requires that a malicious user can either upload files or
manipulate the mtime of the files.
The bug was reported by cubiq and fixed by Marcus Rueckert.
See also :
Update the affected package.
Risk factor :
High / CVSS Base Score : 7.8