FreeBSD : security/ossec-hids-* -- root escalation via temp files (36858e78-3963-11e4-ad84-000c29f6ae42)

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing one or more security-related

Description :

OSSEC reports :

This correction will create the temp file for the hosts deny file in
/var/ossec and will use mktemp where available to create
NON-predictable temp file name. In cases where mktemp is not available
we have written a BAD version of mktemp, but should be a little better
then just process id.

See also :

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.2

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 77638 ()

Bugtraq ID:

CVE ID: CVE-2014-5284

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now