FreeBSD : verlihub -- insecure temporary file usage and arbitrary command execution (58997463-e012-11dd-a765-0030843d3802)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

SecurityFocus reports :

An attacker with local access could potentially exploit this issue to
perform symbolic-link attacks, overwriting arbitrary files in the
context of the affected application.

Successfully mounting a symlink attack may allow the attacker to
delete or corrupt sensitive files, which may result in a denial of
service. Other attacks may also be possible.

Verlihub is prone to a remote command-execution vulnerability because
it fails to sufficiently validate user input.

Successfully exploiting this issue would allow an attacker to execute
arbitrary commands on an affected computer in the context of the
affected application.

See also :

http://www.nessus.org/u?0bc89b52

Solution :

Update the affected package.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.4
(CVSS2#E:F/RL:W/RC:ND)
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 35336 (freebsd_pkg_58997463e01211dda7650030843d3802.nasl)

Bugtraq ID: 32420, 32889

CVE ID: CVE-2008-5705, CVE-2008-5706
