This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
The OpenSSH project reports:

- ssh-agent(1): Will now refuse to load PKCS#11 modules from paths outside a trusted whitelist (run-time configurable). Requests to load modules could be passed via agent forwarding and an attacker could attempt to load a hostile PKCS#11 module across the forwarded agent channel: PKCS#11 modules are shared libraries, so this would result in code execution on the system running the ssh-agent if the attacker has control of the forwarded agent-socket (on the host running the sshd server) and the ability to write to the filesystem of the host running ssh-agent (usually the host running the ssh client). (CVE-2016-10009)

- sshd(8): When privilege separation is disabled, forwarded Unix-domain sockets would be created by sshd(8) with the privileges of 'root' instead of the authenticated user. This release refuses Unix-domain socket forwarding when privilege separation is disabled (Privilege separation has been enabled by default for 14 years).
Update the affected package.
Risk factor: High / CVSS Base Score: 7.5