FreeBSD : rssh -- format string vulnerability (1f826757-26be-11d9-ad2d-0050fc56d258)

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

There is a format string bug in rssh that enables an attacker to
execute arbitrary code from an account configured to use rssh. On
FreeBSD it is only possible to compromise the rssh running account,
not root.

See also :

Solution :

Update the affected package.

Risk factor :


Family: FreeBSD Local Security Checks

Nessus Plugin ID: 37369 (freebsd_pkg_1f82675726be11d9ad2d0050fc56d258.nasl)

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now