FreeBSD : OpenSMTPD -- multiple vulnerabilities (42852f72-6bd3-11e5-9909-002590263bf5)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

OpenSMTPD developers report :

fix an mda buffer truncation bug which allows a user to create forward
files that pass session checks but fail delivery later down the chain,
within the user mda

fix remote buffer overflow in unprivileged pony process

reworked offline enqueue to better protect against hardlink attacks

See also :

http://www.openwall.com/lists/oss-security/2015/10/04/2
https://www.opensmtpd.org/announces/release-5.7.3.txt
http://www.nessus.org/u?74c6257e

Solution :

Update the affected package.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 86276 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now