This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
A malicious HTTP server could cause ftp(1) to execute arbitrary
commands. Impact : When operating on HTTP URIs, the ftp(1) client
follows HTTP redirects, and uses the part of the path after the last
'/' from the last resource it accesses as the output filename if '-o'
is not specified.
If the output file name provided by the server begins with a pipe
('|'), the output is passed to popen(3), which might be used to
execute arbitrary commands on the ftp(1) client machine.
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : true