FreeBSD : FreeBSD -- Multiple portsnap vulnerabilities (e7dcd69d-8ee6-11e6-a590-14dae9d210b8)

This script is Copyright (C) 2016 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing one or more security-related

Description :

Flaws in portsnap's verification of downloaded tar files allows
additional files to be included without causing the verification to
fail. Portsnap may then use or execute these files. Impact : An
attacker who can conduct man in the middle attack on the network at
the time when portsnap is run can cause portsnap to execute arbitrary
commands under the credentials of the user who runs portsnap,
typically root.

See also :

Solution :

Update the affected packages.

Risk factor :


Family: FreeBSD Local Security Checks

Nessus Plugin ID: 93944 ()

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now