This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
The Xen Project reports :
pygrub, the boot loader emulator, fails to quote (or sanity check) its
results when reporting them to its caller.
A malicious guest administrator can obtain the contents of sensitive
host files (an information leak). Additionally, a malicious guest
administrator can cause files on the host to be removed, causing a
denial of service. In some unusual host configurations, ability to
remove certain files may be usable for privilege escalation.
See also :
Update the affected package.
Risk factor :
Medium / CVSS Base Score : 4.6