FreeBSD : Tor -- remote denial of service (c1dc55dc-9556-11e6-b154-3065ec8fd3ec)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

The Tor Blog reports :

Prevent a class of security bugs caused by treating the contents of a
buffer chunk as if they were a NUL-terminated string. At least one
such bug seems to be present in all currently used versions of Tor,
and would allow an attacker to remotely crash most Tor instances,
especially those compiled with extra compiler hardening. With this
defense in place, such bugs can't crash Tor, though we should still
fix them as they occur. Closes ticket 20384 (TROVE-2016-10-001).

See also :

https://blog.torproject.org/blog/tor-0289-released-important-fixes
http://www.nessus.org/u?9e2139d1

Solution :

Update the affected packages.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 94127 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now