FreeBSD : ezbounce remote format string vulnerability (c480eb5e-7f00-11d8-868e-000347dd607f)

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

A security hole exists that can be used to crash the proxy and execute
arbitrary code. An exploit is circulating that takes advantage of
this, and in some cases succeeds in obtaining a login shell on the
machine.

See also :

http://web.archive.org/web/20040508173608/http://ezbounce.dc-team.com/
http://www.nessus.org/u?ed07093b

Solution :

Update the affected package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 7.1
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 37811 (freebsd_pkg_c480eb5e7f0011d8868e000347dd607f.nasl)

Bugtraq ID: 8071

CVE ID: CVE-2003-0510

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now