This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
A NULL pointer dereference in the initialization code of the HZ module
and an out of bounds array access in the initialization code of the
VIQR module make iconv_open(3) calls involving HZ or VIQR result in an
application crash. Impact : Services where an attacker can control the
arguments of an iconv_open(3) call can be caused to crash resulting in
a denial-of-service. For example, an email encoded in HZ may cause an
email delivery service to crash if it converts emails to a more
generic encoding like UTF-8 before applying filtering rules.
See also :
Update the affected package.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : false