FreeBSD : sup -- format string vulnerability (2c5757f4-88bf-11d9-8720-0007e900f87b)
Critical Nessus Plugin ID 18887
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionDebian Security Advisory reports :
[email protected] discovered a format string vulnerability in sup, a set of programs to synchronize collections of files across a number of machines, whereby a remote attacker could potentially cause arbitrary code to be executed with the privileges of the supfilesrv process (this process does not run automatically by default).
SolutionUpdate the affected package.