FreeBSD : security/ossec-hids-* -- root escalation via syscheck feature (c470db07-1098-11e5-b6a8-002590263bf5)

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

OSSEC reports :

The CVE-2015-3222 vulnerability, which allows for root escalation via
sys check has been fixed in OSSEC 2.8.2. This issue does not affect
agents.

See also :

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200801
http://www.ossec.net/?p=1198
https://github.com/ossec/ossec-hids/releases/tag/2.8.2
http://www.nessus.org/u?9cd5cf76

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.9
(CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 84182 ()

Bugtraq ID:

CVE ID: CVE-2015-3222

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now