This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
The Cyrus SASL library, libsasl, contains functions which may load
dynamic libraries. These libraries may be loaded from the path
specified by the environmental variable SASL_PATH, which in some
situations may be fully controlled by a local attacker. Thus, if a
set-user-ID application (such as chsh) utilizes libsasl, it may be
possible for a local attacker to gain superuser privileges.
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.2