FreeBSD : ChaSen -- buffer overflow (972837fc-c304-11e3-8758-00262d5ed8ee)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

JVN iPedia reports :

ChaSen provided by Nara Institute of Science and Technology is a
software for morphologically analyzing Japanese. ChaSen contains an
issue when reading in strings, which may lead to a buffer overflow.

An arbitrary script may be executed by an attacker with access to a
system that is running a product listed in 'Products Affected.'

See also :

http://jvn.jp/en/jp/JVN16901583/index.html
http://www.nessus.org/u?08da695b

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 73488 ()

Bugtraq ID:

CVE ID: CVE-2011-4000

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now