This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
Due to a missing length check in the code that handles DNS parameters,
a malformed router advertisement message can result in a stack buffer
overflow in rtsold(8). Impact : Receipt of a router advertisement
message with a malformed DNSSL option, for instance from a compromised
host on the same network, can cause rtsold(8) to crash.
While it is theoretically possible to inject code into rtsold(8)
through malformed router advertisement messages, it is normally
compiled with stack protection enabled, rendering such an attack
When rtsold(8) crashes, the existing DNS configuration will remain in
force, and the kernel will continue to receive and process periodic
See also :
Update the affected packages.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.7
Public Exploit Available : false