FreeBSD : p7zip -- directory traversal vulnerability (8f5c9dd6-5cac-11e5-9ad8-14dae9d210b8)

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Alexander Cherepanov reports :

7z (and 7zr) is susceptible to a directory traversal vulnerability.
While extracting an archive, it will extract symlinks and then follow
them if they are referenced in further entries. This can be exploited
by a rogue archive to write files outside the current directory.

See also :

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 5.8

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 85966 ()

Bugtraq ID:

CVE ID: CVE-2015-1038

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now