FreeBSD : node, iojs, and v8 -- denial of service (864e6f75-2372-11e5-86ff-14dae9d210b8)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

node reports :

This release of Node.js fixes a bug that triggers an out-of-band write
in V8's utf-8 decoder. This bug impacts all Buffer to String
conversions. This is an important security update as this bug can be
used to cause a denial of service attack.

See also :

http://blog.nodejs.org/2015/07/03/node-v0-12-6-stable/
http://www.nessus.org/u?5294b12d
http://www.nessus.org/u?980afe68
https://codereview.chromium.org/1226493003
http://www.nessus.org/u?43923e27

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 84524 ()

Bugtraq ID:

CVE ID: CVE-2015-5380

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now