This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
When setlogin(2) is called while setting up a new login session, the
login name is copied into an uninitialized stack buffer, which is then
copied into a buffer of the same size in the session structure. The
getlogin(2) system call returns the entire buffer rather than just the
portion occupied by the login name associated with the session. Impact
: An unprivileged user can access this memory by calling getlogin(2)
and reading beyond the terminating NUL character of the resulting
string. Up to 16 (FreeBSD 8) or 32 (FreeBSD 9 and 10) bytes of kernel
memory may be leaked in this manner for each invocation of
This memory may contain sensitive information, such as portions of the
file cache or terminal buffers, which an attacker might leverage to
obtain elevated privileges.
See also :
Update the affected packages.
Risk factor :
Low / CVSS Base Score : 2.1
CVSS Temporal Score : 1.8
Public Exploit Available : false