This script is Copyright (C) 2007-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
Gentoo reports :
Sune Kloppenborg Jeppesen and Tavis Ormandy of the Gentoo Linux
Security Team have reported that the check_update.sh script and the
main rkhunter script insecurely creates several temporary files with
A local attacker could create symbolic links in the temporary files
directory, pointing to a valid file somewhere on the filesystem. When
rkhunter or the check_update.sh script runs, this would result in the
file being overwritten with the rights of the user running the
utility, which could be the root user.
See also :
Update the affected package.
Risk factor :
Low / CVSS Base Score : 2.1
CVSS Temporal Score : 2.1
Public Exploit Available : true