This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.
The remote Windows host contains an application that is prone to a
buffer overflow vulnerability.
Cygwin, a Linux-like environment for Windows, is installed on the
The version of Cygwin installed on the remote host is affected by a
heap-based buffer overflow vulnerability involving a filename length
check. Using a filename between 233 and 239 characters, an attacker
who can create a file on the remote can leverage this issue to execute
arbitrary code on the affected host subject to the privileges under
which Cygwin operates.
See also :
Upgrade to Cygwin 1.5.24 as that version is reportedly not affected.
Risk factor :
High / CVSS Base Score : 8.5
CVSS Temporal Score : 6.3
Public Exploit Available : false