This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
An un-checked return value in the BGP dissector code can result in an
integer overflow. This value is used in subsequent buffer management
operations, resulting in a stack based buffer overflow under certain
circumstances. Impact : By crafting malicious BGP packets, an attacker
could exploit this vulnerability to execute code or crash the tcpdump
process on the target system. This code would be executed in the
context of the user running tcpdump(1). It should be noted that
tcpdump(1) requires privileges in order to open live network
interfaces. Workaround : No workaround is available.
See also :
Update the affected package.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.3
Public Exploit Available : true