FreeBSD : file -- multiple vulnerabilities (9575259a-92d5-11e4-bce6-d050992ecde8)

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

RedHat reports :

Thomas Jarosch of Intra2net AG reported a number of denial of service
issues (resource consumption) in the ELF parser used by file(1). These
issues were fixed in the 5.21 release of file(1), but by mistake are
missing from the changelog.

See also :

http://seclists.org/oss-sec/2014/q4/1056
http://www.nessus.org/u?df4484d5

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 80351 ()

Bugtraq ID: 70807

CVE ID: CVE-2014-3710
CVE-2014-8116
CVE-2014-8117

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now