This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
lighttpd security advisories report :
It is possible to inadvertantly enable vulnerable ciphers when using
In certain cases setuid() and similar can fail, potentially triggering
lighttpd to restart running as root.
If FAMMonitorDirectory fails, the memory intended to store the context
is released; some lines below the 'version' compoment of that context
is read. Reading invalid data doesn't matter, but the memory access
could trigger a segfault.
See also :
Update the affected package.
Risk factor :
High / CVSS Base Score : 7.6