This script is Copyright (C) 2015 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
chicken developer Moritz Heidkamp reports :
The substring-index[-ci] procedures of the data-structures unit are
vulnerable to a buffer overrun attack when passed an integer greater
than zero as the optional START argument.
As a work-around you can switch to SRFI 13's string-contains procedure
which also returns the substring's index in case it is found.
See also :
Update the affected package.
Risk factor :
High / CVSS Base Score : 7.5